Paper data storage refers to the use of paper as a data storage device. This includes writing, illustrating, and the use of data that can be interpreted by a machine or is the result of the functioning of a machine. A defining feature of paper data storage is the ability of humans to produce it with only simple tools and interpret it visually. Though now mostly obsolete, paper was once an important form of computer data storage as both paper tape and punch cards were a common staple of working with computers before the 1980s. == History == Before paper was used for storing data, it had been used in several applications for storing instructions to specify a machine's operation. The earliest use of paper to store instructions for a machine was the work of Basile Bouchon who, in 1725, used punched paper rolls to control textile looms. This technology was later developed into the wildly successful Jacquard loom. The 19th century saw several other uses of paper for controlling machines. In 1846, telegrams could be prerecorded on punched tape and rapidly transmitted using Alexander Bain's automatic telegraph. Several inventors took the concept of a mechanical organ and used paper to represent the music. In the late 1880s Herman Hollerith invented the recording of data on a medium that could then be read by a machine. Prior uses of machine readable media, above, had been for control (automatons, piano rolls, looms, ...), not data. "After some initial trials with paper tape, he settled on punched cards..." Hollerith's method was used in the 1890 census. Hollerith's company eventually became the core of IBM. Other technologies were also developed that allowed machines to work with marks on paper instead of punched holes. This technology was widely used for tabulating votes and grading standardized tests. Banks used magnetic ink on checks, supporting MICR scanning. In an early electronic computing device, the Atanasoff–Berry Computer, electric sparks were used to singe small holes in paper cards to represent binary data. The altered dielectric constant of the paper at the location of the holes could then be used to read the binary data back into the machine by means of electric sparks of lower voltage than the sparks used to create the holes. This form of paper data storage was never made reliable and was not used in any subsequent machine. == Modern techniques == === 1D barcodes === Barcodes make it possible for any object that was to be sold or transported to have some computer readable information securely attached to it. Universal Product Code barcodes, first used in 1974, are ubiquitous today. Some people recommend a width of at least 3 pixels for each minimum-width gap and each minimum-width bar for 1D barcodes. The density is about 50 bits per linear inch (about 2 bit/mm). === 2D barcodes === 2D barcodes allow to store much more data on paper, up to 2.9 kbyte per barcode. It is recommended to have a width of at least 4 pixels—e.g., a 4 × 4 pixel = 16 pixel module. == Limits == The limits of data storage depend on the technology to write and read such data. The theoretical limits assume a scanner that can perfectly reproduce the printed image at its printing resolution, and a program which can accurately interpret such an image. For example, an 8 in × 10 in (200 mm × 250 mm) 600 dpi black-and-white image contains 3.43 MiB of data, as does a 300 dpi CMYK printed image. A 2,400 ppi True color (24-bit) image contains about 1.29 GiB of information; printing an image maintaining this data would require a printing resolution of about 120,000 dpi in black and white, or 60,000 dpi with CMYK dots.
TiDB
TiDB (; "Ti" stands for Titanium) is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing (HTAP) workloads. Designed to be MySQL compatible, it is developed and supported primarily by PingCAP and licensed under Apache 2.0. It is also available as a paid product. TiDB drew its initial design inspiration from Google's Spanner and F1 papers. == Release history == See all TiDB release notes. On December 19, 2024, TiDB 8.5 GA was released. On May 24, 2024, TiDB 8.1 GA was released. On December 1, 2023, TiDB 7.5 GA was released. On May 31, 2023, TiDB 7.1 GA was released. On April 7, 2022, TiDB 6.0 GA was released. On April 7, 2021 TiDB 5.0 GA was released. On May 28, 2020, TiDB 4.0 GA was released. On June 28, 2019, TiDB 3.0 GA was released. On April 27, 2018, TiDB 2.0 GA was released. On October 16, 2017, TiDB 1.0 GA was released. == Main features == === Horizontal scalability === TiDB can expand both SQL processing and storage capacity by adding new nodes. === MySQL compatibility === TiDB acts like it is a MySQL 8.0 server to applications. A user can continue to use all of the existing MySQL client libraries. Because TiDB's SQL processing layer is built from scratch, it is not a MySQL fork. === Distributed transactions with strong consistency === TiDB internally shards a table into small range-based chunks that are referred to as "Regions". Each Region defaults to approximately 100 MB in size, and TiDB uses a two-phase commit internally to ensure that regions are maintained in a transactionally consistent way. === Cloud native === TiDB is designed to work in the cloud. The storage layer of TiDB, called TiKV, became a Cloud Native Computing Foundation (CNCF) member project in August 2018, as a Sandbox level project, and became an incubation-level hosted project in May 2019. TiKV graduated from CNCF in September 2020. === Real-time HTAP === TiDB can support both online transaction processing (OLTP) and online analytical processing (OLAP) workloads. TiDB has two storage engines: TiKV, a rowstore, and TiFlash, a columnstore. === High availability === TiDB uses the Raft consensus algorithm to ensure that data is available and replicated throughout storage in Raft groups. In the event of failure, a Raft group will automatically elect a new leader for the failed member, and self-heal the TiDB cluster. === Vector Search === TiDB has a vector data type and vector indexes. This allows TiDB to be used as Vector database in AI Retrieval-augmented generation applications. == Deployment methods == === Kubernetes with Operator === TiDB can be deployed in a Kubernetes-enabled cloud environment by using TiDB Operator. An Operator is a method of packaging, deploying, and managing a Kubernetes application. It is designed for running stateful workloads and was first introduced by CoreOS in 2016. TiDB Operator was originally developed by PingCAP and open-sourced in August, 2018. TiDB Operator can be used to deploy TiDB on a laptop, Google Cloud Platform’s Google Kubernetes Engine, and Amazon Web Services’ Elastic Container Service for Kubernetes. === TiUP === TiDB 4.0 introduces TiUP, a cluster operation and maintenance tool. It helps users quickly install and configure a TiDB cluster with a few commands. == Tools == TiDB has a series of open-source tools built around it to help with data replication and migration for existing MySQL and MariaDB users. === TiDB Data Migration (DM) === TiDB Data Migration (DM) is suited for replicating data from already sharded MySQL or MariaDB tables to TiDB. A common use case of DM is to connect MySQL or MariaDB tables to TiDB, treating TiDB almost as a slave, then directly run analytical workloads on this TiDB cluster in near real-time. === Backup & Restore === Backup & Restore (BR) is a distributed backup and restore tool for TiDB cluster data. === Dumpling === Dumpling is a data export tool that exports data stored in TiDB or MySQL. It lets users make logical full backups or full dumps from TiDB or MySQL. === TiDB Lightning === TiDB Lightning is a tool that supports high speed full-import of a large MySQL dump into a new TiDB cluster. This tool is used to populate an initially empty TiDB cluster with much data, in order to speed up testing or production migration. The import speed improvement is achieved by parsing SQL statements into key-value pairs, then directly generate Sorted String Table (SST) files to RocksDB. === TiCDC === TiCDC is a change data capture tool which streams data from TiDB to other systems like Apache Kafka.
Future of Life Institute
The Future of Life Institute (FLI) is a nonprofit organization which aims to steer transformative technology towards benefiting life and away from large-scale risks, with a focus on existential risk from advanced artificial intelligence (AI). FLI's work includes grantmaking, educational outreach, and advocacy within the United Nations, United States government, and European Union institutions. The founders of the Institute include MIT cosmologist Max Tegmark, UCSC cosmologist Anthony Aguirre, and Skype co-founder Jaan Tallinn. == Purpose == FLI's stated mission is to steer transformative technology towards benefiting life and away from large-scale risks. FLI's philosophy focuses on the potential risk to humanity from the development of human-level or superintelligent artificial general intelligence (AGI), but also works to mitigate risk from biotechnology, nuclear weapons and global warming. == History == === Founding === FLI was founded in March 2014 by MIT cosmologist Max Tegmark, Skype co-founder Jaan Tallinn, DeepMind research scientist Viktoriya Krakovna, Tufts University postdoctoral scholar Meia Chita-Tegmark, and UCSC physicist Anthony Aguirre. === Activism === Starting in 2017, FLI has offered an annual "Future of Life Award", with the first awardee being Vasili Arkhipov. The same year, FLI released Slaughterbots, a short arms-control advocacy film. FLI released a sequel in 2021. In 2018, FLI drafted a letter calling for "laws against lethal autonomous weapons". Signatories included Elon Musk, Demis Hassabis, Shane Legg, and Mustafa Suleyman. In January 2023, Swedish magazine Expo reported that the FLI had offered a grant of $100,000 to a foundation set up by Nya Dagbladet, a Swedish far-right online newspaper. In response, Tegmark said that the institute had only become aware of Nya Dagbladet's positions during due diligence processes a few months after the grant was initially offered, and that the grant had been immediately revoked. === Open letter on an AI pause === In March 2023, FLI published a letter titled "Pause Giant AI Experiments: An Open Letter". This called on major AI developers to agree on a verifiable six-month pause of any systems "more powerful than GPT-4" and to use that time to institute a framework for ensuring safety; or, failing that, for governments to step in with a moratorium. The letter said: "recent months have seen AI labs locked in an out-of-control race to develop and deploy ever more powerful digital minds that no-one - not even their creators - can understand, predict, or reliably control". The letter referred to the possibility of "a profound change in the history of life on Earth" as well as potential risks of AI-generated propaganda, loss of jobs, human obsolescence, and society-wide loss of control. Prominent signatories of the letter included Elon Musk, Steve Wozniak, Evan Sharp, Chris Larsen, and Gary Marcus; AI lab CEOs Connor Leahy and Emad Mostaque; politician Andrew Yang; deep-learning researcher Yoshua Bengio; and Yuval Noah Harari. Marcus stated "the letter isn't perfect, but the spirit is right." Mostaque stated, "I don't think a six month pause is the best idea or agree with everything but there are some interesting things in that letter." In contrast, Bengio explicitly endorsed the six-month pause in a press conference. Musk predicted that "Leading AGI developers will not heed this warning, but at least it was said." Some signatories, including Musk, said they were motivated by fears of existential risk from artificial general intelligence. Some of the other signatories, such as Marcus, instead said they signed out of concern about risks such as AI-generated propaganda. The authors of one of the papers cited in FLI's letter, "On the Dangers of Stochastic Parrots: Can Language Models Be Too Big?" including Emily M. Bender, Timnit Gebru, and Margaret Mitchell, criticised the letter. Mitchell said that “by treating a lot of questionable ideas as a given, the letter asserts a set of priorities and a narrative on AI that benefits the supporters of FLI. Ignoring active harms right now is a privilege that some of us don’t have.” === Open letter on prohibiting superintelligence === In October 2025, another letter, the "Statement on Superintelligence", was published. It called for a prohibition on the development of superintelligence not lifted before there is "broad scientific consensus that it will be done safely and controllably" and "strong public buy-in". FLI director Anthony Aguirre explained that "time is running out", expecting that the technology could arrive in as little as one to two years and counting on "widespread realization among society at all its levels" to stop it. He added that "whether it's soon or it takes a while, after we develop superintelligence, the machines are going to be in charge" and "that is not an experiment that we want to just run toward". The list of signatories included Nobel laureates Geoffrey Hinton, Daron Acemoglu, Beatrice Fihn, Frank Wilczek and John C. Mather as well as Hinton's fellow "godfather" of modern AI Yoshua Bengio, Steve Wozniak, Steve Bannon, Paolo Benanti, Prince Harry, Duke of Sussex and Meghan, Duchess of Sussex. The letter was also signed by the actors Joseph Gordon-Levitt and Stephen Fry, rapper Will.i.am and author Yuval Noah Harari. Former national security advisor Susan Rice, and OpenAI member of technical staff Leo Gao also signed their names to the letter. Polling released alongside the letter showed that 64% of American agreed that superintelligence "shouldn't be developed until it's provably safe and controllable" and only 5% believed it should be developed as quickly as possible. == Operations == === Advocacy === FLI has actively contributed to policymaking on AI. In October 2023, for example, U.S. Senate majority leader Chuck Schumer invited FLI to share its perspective on AI regulation with selected senators. In Europe, FLI successfully advocated for the inclusion of more general AI systems, such as GPT-4, in the EU's Artificial Intelligence Act. In military policy, FLI coordinated the support of the scientific community for the Treaty on the Prohibition of Nuclear Weapons. At the UN and elsewhere, the institute has also advocated for a treaty on autonomous weapons. === Research grants === The FLI research program started in 2015 with an initial donation of $10 million from Elon Musk. In this initial round, a total of $7 million was awarded to 37 research projects. In July 2021, FLI announced that it would launch a new $25 million grant program with funding from the Russian–Canadian programmer Vitalik Buterin. === Conferences === In 2014, the Future of Life Institute held its opening event at MIT: a panel discussion on "The Future of Technology: Benefits and Risks", moderated by Alan Alda. The panelists were synthetic biologist George Church, geneticist Ting Wu, economist Andrew McAfee, physicist and Nobel laureate Frank Wilczek and Skype co-founder Jaan Tallinn. Since 2015, FLI has organised biannual conferences with the stated purpose of bringing together AI researchers from academia and industry. As of April 2023, the following conferences have taken place: "The Future of AI: Opportunities and Challenges" conference in Puerto Rico (2015). The stated goal was to identify promising research directions that could help maximize the future benefits of AI. At the conference, FLI circulated an open letter on AI safety which was subsequently signed by Stephen Hawking, Elon Musk, and many artificial intelligence researchers. The Beneficial AI conference in Asilomar, California (2017), a private gathering of what The New York Times called "heavy hitters of A.I." (including Yann LeCun, Elon Musk, and Nick Bostrom). The institute released a set of principles for responsible AI development that came out of the discussion at the conference, signed by Yoshua Bengio, Yann LeCun, and many other AI researchers. These principles may have influenced the regulation of artificial intelligence and subsequent initiatives, such as the OECD Principles on Artificial Intelligence. The beneficial AGI conference in Puerto Rico (2019). The stated focus of the meeting was answering long-term questions with the goal of ensuring that artificial general intelligence is beneficial to humanity. == In the media == "The Fight to Define When AI is 'High-Risk'" in Wired. "Lethal Autonomous Weapons exist; They Must Be Banned" in IEEE Spectrum. "United States and Allies Protest U.N. Talks to Ban Nuclear Weapons" in The New York Times. "Is Artificial Intelligence a Threat?" in The Chronicle of Higher Education, including interviews with FLI founders Max Tegmark, Jaan Tallinn and Viktoriya Krakovna. "But What Would the End of Humanity Mean for Me?", an interview with Max Tegmark on the ideas behind FLI in The Atlantic.
Babelfy
Babelfy is a software algorithm for the disambiguation of text written in any language. It performs the tasks of multilingual Word Sense Disambiguation (i.e., the disambiguation of common nouns, verbs, adjectives and adverbs) and Entity Linking (i.e. the disambiguation of mentions to encyclopedic entities like people, companies, places, etc.). == Overview == Babelfy uses the BabelNet multilingual knowledge graph to perform disambiguation and entity linking in three steps: It associates with each vertex of the BabelNet semantic network, i.e., either concept or named entity, a semantic signature, that is, a set of related vertices. This is a preliminary step which needs to be performed only once, independently of the input text. Given an input text, it extracts all the linkable fragments from this text and, for each of them, lists the possible meanings according to the semantic network. It creates a graph-based semantic interpretation of the whole text by linking the candidate meanings of the extracted fragments using the previously computed semantic signatures. It then extracts a dense subgraph of this representation and selects the best candidate meaning for each fragment. As a result, the text, written in any of the 271 languages supported by BabelNet, is output with possibly overlapping semantic annotations.
Oracle Database
Oracle AI Database (commonly referred to as Oracle Database, Oracle DBMS, Oracle Autonomous Database, or simply as Oracle) is a proprietary multi-model database management system produced and marketed by Oracle Corporation. It is a database commonly used for running online transaction processing (OLTP), data warehousing (DW) and mixed (OLTP & DW) database workloads. Oracle AI Database uses SQL for database updating and retrieval. Oracle Database runs on-premises, on Oracle engineered systems such as Oracle Exadata, on Oracle Cloud Infrastructure, and as a managed Autonomous Database service. It is also offered inside Microsoft Azure, Google Cloud, and Amazon Web Services data centers through Oracle's multicloud offerings. The current long-term support release, Oracle AI Database 26ai, became available in the cloud and on Oracle engineered systems in October 2025 and on-premises for Linux x86-64 in January 2026. == History == Larry Ellison and his two friends and former co-workers, Bob Miner and Ed Oates, started a consultancy called Software Development Laboratories (SDL) in 1977, later Oracle Corporation. SDL developed the original version of the Oracle software. The name Oracle comes from the code-name of a Central Intelligence Agency-funded project Ellison had worked on while formerly employed by Ampex; the CIA was Oracle's first customer, and allowed the company to use the code name for the new product. Ellison wanted his database to be compatible with IBM System R, but that company's Don Chamberlin declined to release its error codes. By 1985 Oracle advertised, however, that "Programs written for SQL/DS or DB2 will run unmodified" on the many non-IBM mainframes, minicomputers, and microcomputers its database supported "Because all versions of ORACLE are identical". Later releases introduced capabilities associated with successive eras of the product, including PL/SQL stored procedures and triggers in Oracle7 (1992), Real Application Clusters in Oracle9i (2001), grid infrastructure and automatic management in Oracle 10g (2003), the multitenant architecture and In-Memory Column Store in Oracle Database 12c (2013), and AI Vector Search and JSON Relational Duality in Oracle Database 23ai (2024). In October 2025 Oracle rebranded the 23ai line as Oracle AI Database 26ai. (see Release History) == Architecture == An Oracle Database system consists of an instance and a database. The instance is a set of memory structures and background processes; the database is the set of files that store data. The instance exists only in memory, and a single instance is associated with one multitenant container database. The principal memory structures are the System Global Area, which is shared, and the Program Global Areas, which are private to individual processes. The shared pool, database buffer cache, and redo log buffer are components of the System Global Area, and the optional In-Memory Column Store also resides there. Background processes operate on the database files and use these memory structures; they include the database writer, the log writer, the checkpoint process, and the system and process monitor processes. Server processes handle connections from client programs and run their SQL statements. Storage is organized logically and physically. Logically, data is held in tablespaces composed of segments, extents, and data blocks. Physically, the database comprises datafiles, control files, and online redo log files, with archived redo logs supporting media recovery. == High Availability and Scalability == Oracle Database includes several technologies for high availability, disaster recovery, and scale. Oracle Real Application Clusters allows multiple instances on separate servers to access one shared database concurrently; it was introduced with Oracle9i in 2001. Oracle Data Guard maintains standby databases synchronized with a primary database, and Active Data Guard additionally allows read-only workloads on a standby while it applies changes. Oracle GoldenGate performs logical replication and data integration across heterogeneous systems. Native sharding, introduced in Oracle Database 12c Release 2, distributes one logical database across independent shards. Oracle Exadata is an engineered system that pairs database servers with storage servers and offloads operations such as filtering to the storage tier; it is available on-premises, in Oracle Cloud Infrastructure, and through Cloud@Customer. == Notable Features == AI Vector Search adds a vector data type, vector indexes, and vector distance operators to the database. These allow similarity search over machine-learning embeddings to be expressed in SQL and combined with queries over relational, JSON, spatial, and graph data. It became generally available in Oracle Database 23ai. JSON Relational Duality exposes the same data both as relational tables and as JSON documents through duality views, so that an application can read and write either representation of the data. It became generally available in Oracle Database 23ai. In-Memory Column Store maintains a column-oriented copy of selected tables in memory in addition to the row-oriented format, and the optimizer can use the columnar copy for analytic queries. It was introduced in Oracle Database 12c Release 1.Partitioning divides large tables and indexes into independently managed pieces. Advanced Compression and Hybrid Columnar Compression are compression features for transactional and warehouse data respectively. == Data Types == Oracle AI Database supports a variety of data types and data models within a single system. These include traditional relational data types as well as semi-structured, unstructured, and specialized data formats, enabling different types of data to be stored and queried together. == Releases and versions == Oracle products follow a custom release-numbering and -naming convention. The "ai" in the current release, Oracle AI Database 26ai, stands for "Artificial Intelligence". Previous releases (e.g. Oracle Database 19c, 10g, and Oracle9i Database) have used suffixes of "c", "g", and "i" which stand for "Cloud", "Grid", and "Internet" respectively. Prior to the release of Oracle8i Database, no suffixes featured in Oracle AI Database naming conventions. There was no v1 of Oracle AI Database, as Ellison "knew no one would want to buy version 1". For some database releases, Oracle also provides an Express Edition (XE) that is free to use. Oracle AI Database release numbering has used the following codes: The Introduction to Oracle AI Database includes a brief history on some of the key innovations introduced with each major release of Oracle AI Database. See My Oracle Support (MOS) note Release Schedule of Current Database Releases (Doc ID 742060.1) for the current Oracle AI Database releases and their patching end dates. == Patch updates and security alerts == Prior to Oracle Database 18c, Oracle Corporation released Critical Patch Updates (CPUs) and Security Patch Updates (SPUs) and Security Alerts to close security vulnerabilities. These releases are issued quarterly; some of these releases have updates issued prior to the next quarterly release. Starting with Oracle Database 18c, Oracle Corporation releases Release Updates (RUs) and Release Update Revisions (RURs). RUs usually contain security, regression (bug), optimizer, and functional fixes which may include feature extensions as well. RURs include all fixes from their corresponding RU but only add new security and regression fixes. However, no new optimizer or functional fixes are included. == Competition == In the market for relational databases, Oracle AI Database competes against commercial products such as IBM Db2 and Microsoft SQL Server. Oracle and IBM tend to battle for the mid-range database market on Unix and Linux platforms, while Microsoft dominates the mid-range database market on Microsoft Windows platforms. However, since they share many of the same customers, Oracle and IBM tend to support each other's products in many middleware and application categories (for example: WebSphere, PeopleSoft, and Siebel Systems CRM), and IBM's hardware divisions work closely with Oracle on performance-optimizing server-technologies (for example, Linux on IBM Z). Niche commercial competitors include Teradata (in data warehousing and business intelligence), Software AG's ADABAS, Sybase, and IBM's Informix, among many others. In the cloud, Oracle AI Database competes against the database services of AWS, Microsoft Azure, and Google Cloud Platform. Increasingly, the Oracle AI Database products compete against open-source software relational and non-relational database systems such as PostgreSQL, MongoDB, Couchbase, Neo4j, ArangoDB and others. Oracle acquired Innobase, supplier of the InnoDB codebase to MySQL, in part to compete better against open source alternatives, and acquired Sun Microsystems, owner of MySQL, in 2010. Database products licensed as open
Thermal attack
A thermal attack (aka thermal imaging attack) is an approach that exploits heat traces to uncover the entered credentials. These attacks rely on the phenomenon of heat transfer from one object to another. During authentication, heat transfers from the users' hands to the surface they are interacting with, leaving heat traces behind that can be analyzed using thermal cameras that operate in the far-infrared spectrum. These traces can be recovered and used to reconstruct the passwords. In some cases, the attack can be successful even 30 seconds after the user has authenticated. Thermal attacks can be performed after the victim had authenticated, alleviating the need for in-situ observation attacks (e.g., shoulder surfing attacks) that can be affected by hand occlusions. While smudge attacks can reveal the order of entries of graphical passwords, such as the Android Lock Patterns, thermal attacks can reveal the order of entries even in the case of PINs or alphanumeric passwords. The reason thermal attacks leak information about the order of entry is because keys and buttons that the user touches first lose heat over time, while recently touched ones maintain the heat signature for a longer time. This results in distinguishable heat patterns that can tell the attacker which entry was entered first. Thermal attacks were shown to be effective against plastic keypads, such as the ones used to enter credit card's PINs in supermarkets and restaurants, and on handheld mobile devices such as smartphones and tablets. In their paper published at the Conference on Human Factors in Computing Systems (CHI 2017), Abdelrahman et al. showed that the attack is feasible on today's smartphones. They also proposed some ways to mitigate the attack, such as swiping randomly on the screen to distort the heat traces, or forcing maximum CPU usage for a few seconds. Thermal attacks can also infer passwords from heat traces on keyboards. Researchers at the University of Glasgow showed that attackers who use AI methods can be more effective in performing thermal attacks. Their study presents a new tool called ThermoSecure and evaluates it in two user studies. The results show that ThermoSecure can successfully attack passwords with an average accuracy of 92% to 55%, depending on the length of the password. The effectiveness of thermal attacks also depends on typing behavior and the material of the keycaps. ABS keycaps, which retain heat traces longer, are more vulnerable to thermal attacks. The study also discusses ways to protect against thermal attacks and presents seven potential mitigation approaches. Dr Khamis, who led the development of the technology with Norah Alotaibi and John Williamson, said with thermal imaging cameras more affordable than ever and machine learning becoming more accessible, it was "very likely that people around the world are developing systems along similar lines to ThermoSecure in order to steal passwords". == Thermal Attack Mitigation == === Simple and Practical Measures === One basic and effective way to mitigate thermal attacks is to deliberately create heat noise over the input interface, such as a keypad or keyboard, after entering a password. For instance, placing one's palm over the entire interface for a few seconds after use can obscure the thermal pattern left by the fingers, making it much more difficult for an unauthorized user to interpret the heat traces. === Range of Proposed Strategies === In addition to simple methods, researchers have developed a spectrum of mitigation strategies to counter thermal attacks. These strategies encompass 15 different approaches including: Use of Biometrics: Replacing traditional pin codes or passwords with biometric authentication, such as fingerprint recognition or facial recognition, eliminates the issue of residual heat on keypads. Heating the Interface: Implementing technology to slightly warm up the keypad can effectively neutralize the heat traces left by fingers, preventing thermal cameras from capturing the pattern. Randomizing Key Layouts: Employing dynamic key layouts that change positions every time the interface is used, making it impossible to correlate heat patterns with static input positions. === Technological Intervention on Thermal Cameras === Another avenue for mitigation is to address the issue at the source by modifying thermal cameras. Proposals have been made to develop thermal cameras that can automatically detect vulnerable interfaces such as keyboards or keypads. When these interfaces are detected within the camera's field of view, the camera would be programmed to prevent the user from recording images of them. This solution, however, would require widespread adoption by thermal camera manufacturers. Additionally, the approach is particularly viable for thermal cameras connected to a computing device, such as a smartphone, which can process the images in real time. Many affordable thermal cameras are standalone and do not have connectivity or processing capabilities. However, thermal cameras designed for connection to mobile devices can utilize the smartphone's processing power, making this mitigation approach feasible for such devices.
Project Maven
Project Maven (officially Algorithmic Warfare Cross Functional Team) is a United States Department of Defense initiative launched in 2017 to accelerate the adoption of machine learning and data integration across U.S. military intelligence workflows, specifically in intelligence, surveillance, target acquisition, and reconnaissance as well as in geospatial intelligence. It initially focused on applying computer vision for processing images and videos for intelligence purposes. Currently, the program operates under the National Geospatial-Intelligence Agency (NGA) and encompasses multiple applications across the Department of Defense spanning military operation targeting support, data integration and visualization for analysts, and training machine learning models on labeled datasets of military assets and infrastructure. It integrates data from drones, satellites, and other sensors to flag potential targets, present findings to human analysts, and relay their decisions to operational systems. The program originated under Deputy Secretary Robert O. Work after he raised concerns about China's advances in defense applications of artificial intelligence. Project leaders, Colonel Drew Cukor, USMC, and Lt. Gen. Jack Shanahan, framed the program as human-in-the-loop decision support inside the Department of Defense rather than as an autonomous weapons platform. Contractors supporting Maven have included Google, which withdrew in 2018 after internal protests, and follow-on integrators such as Palantir, Anduril, Amazon Web Services, and Anthropic (withdrew in 2026). The Pentagon credits Maven with providing 2024 targeting support for U.S. airstrikes in Iraq, Syria, and Yemen, along with locating hostile maritime assets in the Red Sea. == Administrative history == Initially, the effort was led by Robert O. Work who was concerned about China's military use of the emerging technology. Reportedly, Pentagon development stops short of acting as an AI weapons system capable of firing on self-designated targets. The project was established in a memo by the U.S. Deputy Secretary of Defense on 26 April 2017 proposing an "Algorithmic Warfare Cross-Functional Team". With the help of Defense Innovation Unit, the project obtained the support of top talents in AI outside of the traditional defense contracting base. It was initially funded for $70 million. Jack Shanahan was the director of the project during April 2017 to December 2018. At the second Defense One Tech Summit in July 2017, Cukor said that the investment in a "deliberate workflow process" was funded by the Department [of Defense] through its "rapid acquisition authorities" for about "the next 36 months". In the defense industry, the standard procedure for the military to acquire hardware is by way of research, development, test, and evaluation (RDT&E), followed by production and sustainment. In 2017, acquiring software was done in the same way as hardware. This created a problem, since software is constantly updated. Project Maven procured software using Broad Agency Announcements, a flexible contracting vehicle that categorized software as consistently RDT&E, allowing constant updating. Another issue was that the government usually acquired the intellectual property (IP) for procured software, and with the project, only parts of the IP of the software was acquired. Cukor used the principle of "platform IP belongs to the vendor, configurations on top are the customer's". For example, Palantir retained IP to their core platform, while the government obtained the IP to Maven-specific logic configured on top of it. According to US Air Force Lt. Gen. Jack Shanahan in November 2017, it is "designed to be that pilot project, that pathfinder, that spark that kindles the flame front of artificial intelligence across the rest of the [Defense] Department". Its chief, U.S. Marine Corps Col. Drew Cukor, said: "People and computers will work symbiotically to increase the ability of weapon systems to detect objects." Project Maven has been noted by allies, such as Australia's Ian Langford, for the ability to identify adversaries by harvesting data from sensors on UAVs and satellites. As of 2017 December, 150,000 images had been manually labelled to establish the first training data sets, and it was projected to reach one million by January 2018. Project Maven was funded for $221 million in fiscal 2020. In 2020, the House and Senate conferees on the National Defense Authorization Act for Fiscal Year 2021, agreed to the Senate's recommendation to fund the Pentagon's $250 million request for Project Maven. At the GEOINT Symposium of 2022, it was announced that Project Maven was transferred from the Office of the Under Secretary of Defense for Intelligence and Security to the NGA, under President Biden’s proposed budget for Fiscal Year 2023. It became a Program of Record on 2023 November 7. Frank "Trey" Whitworth, vice admiral, was the director of NGA from June 2022 to November 2025. Whitworth was initially skeptical of the program, suspecting it was incautious about the targeting principles, but later regarded it as "important work". As of 2024, the project is jointly administered by the NGA and the CDAO, and its director is Rachel Martin. Before 2025, Biden appointees within CDAO had held back AI development for safety and reliability concerns, though as of 2025, this has stopped. As of 2024, Maven provided the cloud infrastructure, software capabilities, and AI for CDAO's Combined Joint All-Domain Command and Control initiatives. As of summer 2025, there were eight Maven initiatives. Of these, five were in the NGA, including analyzing drone feeds and satellite imagery. On 18 September 2025, the UK government announced a new partnership with Palantir to develop AI-powered military capabilities for decision-making and targeting, identifying opportunities worth up to £750 million over five years. On 25 March 2025, the NATO Communications and Information Agency and Palantir finalized the acquisition of the Palantir Maven Smart System NATO (MSS NATO) for employment within NATO's Allied Command Operations. It was planned to be used within 30 days of acquisition. In a letter to Pentagon on 9 March 2026, Steve Feinberg stated that Project Maven will become an official program of record by September 2026, the close of the current fiscal year. The project would transfer from the NGA to the CDAO within 30 days. Future contracting with Palantir would be handled by the US Army. In 2026-03, it was announced that the US Army Combined Arms Command would integrate Maven into its training. == Technology == Project Maven uses machine learning algorithms to analyze and fuse vast amounts of surveillance data from multiple sources made possible through data integration using Palantir Technologies. The data sources include photographs, satellite imagery, geolocation data (IP address, geotag, metadata, etc) from communications intercepts, infrared sensors, synthetic-aperture radar, and more. The system is mainly used for assisting analysts in intelligence, surveillance, target acquisition, and reconnaissance. Machine learning systems, including object recognition systems, process the data and identify potential targets, such as enemy tanks or location of new military facility. The training dataset included at least 4 million images of military objects such as warships, labelled by humans. The user interface is called Maven Smart System. It could display information such as aircraft movements, logistics, locations of key personnel, locations on the no-strike list, ships, etc. Yellow-outlined boxes show potential targets. Blue-outlined boxes show friendly forces or no-strike zones. It could also transmit, directly to weapons, a human decision to fire weapons. Internal documentation referred to "Maven ATR: automatic target recognition". Initially the project focused on applications of computer vision. The project's leaders were particularly impressed by model performance on ImageNet. As of 2018, the purpose of the system was AI-enabled analysis of full-motion video. In 2022 it expanded to combatant commands under the AI and Data Acceleration Initiative. In 2022, it was reported that the project expanded to non-image data, including captured enemy material, maritime intelligence, and publicly available information. In 2024, it was stated that Maven's key technical contribution was data management: Maven standardizes heterogeneous data through an ontology layer so data can be fused, exchanged across cloud and edge systems, and used by multiple applications. The system was presented as a broader data-centric warfighting system that feeds apps for planning, preparing, and executing operations. In 2024, the Broad Area Surveillance-Targeting (BAS-T) is a part of Maven. The system detects objects in images and uses data fusion to produce a common operational picture containing "priority based, in-depth assessment of the enemy systems pre