Transparency in the software supply chain is a condition in which participants involved in the development, procurement, operation, auditing, or regulation of software can determine which components, dependencies, build stages, identifiers, and relationships within the supply chain make up the delivered product. The disclosure of information about software components, their interrelationships, origins, and development methods—for the purposes of risk management, vulnerability detection, and compliance—takes place throughout the software lifecycle. Transparency is one of the key security attributes of the software supply chain, as a deeper understanding of the chain enables participants to identify vulnerabilities and mitigate threats. Problems in the software supply chain can cause billions in losses and create operational challenges for government and commercial entities, as demonstrated by incidents involving SolarWinds, Bybit, 3CX, Jaguar Land Rover, GitHub, and NotPetya. Modern software is often assembled from third-party libraries and open-source components. According to research by the Linux Foundation and Synopsys, 96% of the commercial codebases analyzed contained open-source software, and 70–90% of a typical codebase may consist of open-source components. Without transparency, any software component can become a threat. As a result, companies may spend billions of dollars building robust external defenses, but this will not protect against vulnerabilities in legitimate software inside the perimeter. At the same time, supply chain attacks also erode trust between customers and their IT providers, as malicious code is often embedded in official updates with certificates and digital signatures. One of the primary ways to ensure transparency is through a software bill of materials, which documents the components used to create the software and the relationships within the supply chain. == Concept == The software supply chain is the collection of systems, devices, people, artifacts, and processes involved in the creation of the final software product. Attacks on the software supply chain differ from conventional attacks in that they follow a four-stage pattern: compromise, modification, distribution, and subsequent exploitation of the compromised or modified component. A defining feature of a supply chain attack is the introduction or manipulation of a change at an upstream stage, which is subsequently exploited at a downstream stage. Transparency refers to the availability of knowledge about the chain, while validity concerns the integrity of operations and artifacts and the authentication of participants, and separation involves reducing unnecessary trust relationships and the radius of impact through compartmentalization. In this framework, transparency primarily helps during the pre-compromise and detection phases, as a clearer understanding of participants, operations, and artifacts makes it easier to identify weak links before attackers exploit them. Current major attack vectors include dependencies and containers, build infrastructure, and human participants, such as maintainers or developers. == History == Software supply-chain transparency developed from earlier efforts to document software components, long before the term came into widespread use in the cybersecurity field. Early component-documentation formats included SPDX, first published in 2011, and CycloneDX, first published in 2017. Initially, these formats were created to support license compliance, package identification, and tool compatibility. Their development helped shape a broader concept of software supply chain transparency, encompassing component documentation, disclosure practices, risk management, security analysis, and regulatory compliance. In 2018, the U.S. National Telecommunications and Information Administration launched a multistakeholder process on promoting software component transparency. This process helped move work on SBOMs from a specialized technical practice into the realm of policy and procurement to identify components used in software products. The 2020 compromise of the SolarWinds Orion platform made software supply chain security a central issue in government cybersecurity policy. An analysis of the “Sunburst” campaign prepared by the Atlantic Council noted that the vulnerability of the software supply chain had become a realized risk for national-security agencies. In May 2021, U.S. President Joe Biden issued Executive Order 14028, which directed federal agencies to improve cybersecurity and increase transparency in the software supply chain, including requirements related to SBOMs. Reuters reported that the executive order required software developers selling their products to the federal government to provide greater visibility into their software and make security data available. In July 2021, the NTIA published the document “The Minimum Elements for a Software Bill of Materials (SBOM)”, defining the basic data fields and practices for creating SBOMs. Between 2021 and 2025, the U.S. Cybersecurity and Infrastructure Security Agency updated its guidance on “Framing Software Component Transparency”, expanding the set of SBOM attributes, metadata requirements, and operational recommendations for the creation, exchange, and use of SBOMs. Major incidents that occurred following the SolarWinds attack have underscored the importance of transparency in vulnerability management and supply chain security. The Log4Shell vulnerability in the Log4j library, disclosed in December 2021, demonstrated how difficult it can be for organizations to identify a vulnerable component deeply embedded within applications and services. In 2024, an attempt to plant a backdoor in XZ Utils showed how attackers could exploit trust in open-source maintenance processes to introduce malicious code into widely used infrastructure software. By the mid-2020s, software supply chain transparency had become part of international cybersecurity coordination and regulation. On September 3, 2025, Japan's Ministry of Economy, Trade and Industry and the National Cybersecurity Office, in collaboration with cybersecurity agencies from 15 countries, released the document “A Shared Vision of Software Bill of Materials (SBOM) for Cybersecurity.” In the European Union, the Cyber Resilience Act required manufacturers of products with digital elements to create, maintain, and retain SBOMs as part of the technical documentation for software placed on the EU market. == Transparency mechanisms == The primary mechanism for ensuring transparency is the software bill of materials (SBOM). An SBOM is a structured list of components, libraries, and tools used to build and distribute a software product, and it records dependencies in a way that helps organizations understand and assess their software supply chains. It can also be described as a formal record of components and their interdependencies, which gives users insight into their actual exposure to risks and threats. Five key areas of SBOM application in software supply chain security have been identified: vulnerability management, ensuring transparency, component evaluation, risk assessment, and ensuring supply chain integrity. In software supply chains, an SBOM documents all components, both open-source and proprietary. Under Executive Order 14028, U.S. federal agencies require software suppliers to provide SBOMs for government-procured software. The list of minimum required SBOM elements defined by NTIA includes three main categories: required data fields for describing each component (name, version, identifiers), automation support (machine-readable format, generation tools), and recommendations for creating SBOMs during development and purchasing. The post-2021 push for SBOMs was intended to provide visibility into the components used within software and to expose parts of an application that would otherwise remain hidden. This information can be used to prioritize patches, manage vulnerabilities, and support compliance work. Transparency also supports software traceability, which is becoming a standard feature of developer platforms. Traceability has become important because organizations are increasingly required to demonstrate how software was created, rather than simply listing its components. Higher levels of assurance require signed, tamper-proof traceability and more isolated, verifiable build environments. A related mechanism is build reproducibility. Reproducible builds are defined as build processes that make the compilation process deterministic, ensuring that the same source code always produces the same binary file. These builds are considered a foundational element for distributed verification, transparency-log maintenance, supply-chain workflow integration, and the creation of keyless signatures based on verifiable logs. Although reproducibility does not replace inventory or attestation, it gives external par
Character computing
Character computing is a trans-disciplinary field of research at the intersection of computer science and psychology. It is any computing that incorporates the human character within its context. Character is defined as all features or characteristics defining an individual and guiding their behavior in a specific situation. It consists of stable trait markers (e.g., personality, background, history, socio-economic embeddings, culture,...) and variable state markers (emotions, health, cognitive state, ...). Character computing aims at providing a holistic psychologically driven model of human behavior. It models and predicts behavior based on the relationships between a situation and character. Three main research modules fall under the umbrella of character computing: character sensing and profiling, character-aware adaptive systems, and artificial characters. == Overview == Character computing can be viewed as an extension of the well-established field of affective computing. Based on the foundations of the different psychology branches, it advocates defining behavior as a compound attribute that is not driven by either personality, emotions, situation or cognition alone. It rather defines behavior as a function of everything that makes up an individual i.e., their character and the situation they are in. Affective computing aims at allowing machines to understand and translate the non-verbal cues of individuals into affect. Accordingly, character computing aims at understanding the character attributes of an individual and the situation to translate it to predicted behavior, and vice versa. ''In practical terms, depending on the application context, character computing is a branch of research that deals with the design of systems and interfaces that can observe, sense, predict, adapt to, affect, understand, or simulate the following: character based on behavior and situation, behavior based on character and situation, or situation based on character and behavior.'' The Character-Behavior-Situation (CBS) triad is at the core of character computing and defines each of the three edges based on the other two. Character computing relies on simultaneous development from a computational and psychological perspective and is intended to be used by researchers in both fields. Its main concept is aligning the computational model of character computing with empirical results from in-lab and in-the-wild psychology experiments. The model is to be continuously built and validated through the emergence of new data. Similar to affective and personality computing, the model is to be used as a base for different applications towards improving user experience. == History == Character computing as such was first coined in its first workshop in 2017. Since then it has had 3 international workshops and numerous publications. Despite its young age, it has already drawn some interest in the research community, leading to the publication of the first book under the same title in early 2020 published by Springer Nature. Research that can be categorized under the field dates much older than 2017. The notion of combining several factors towards the explanation of behavior or traits and states has long been investigated in both Psychology and Computer Science, for example. == Character == The word character originates from the Greek word meaning “stamping tool”, referring to distinctive features and traits. Over the years it has been given many different connotations, like the moral character in philosophy, the temperament in psychology, a person in literature or an avatar in various virtual worlds, including video games. According to character computing character is a unification of all the previous definitions, by referring back to the original meaning of the word. Character is defined as the holistic concept representing all interacting trait and state markers that distinguish an individual. Traits are characteristics that mainly remain stable over time. Traits include personality, affect, socio-demographics, and general health. States are characteristics that vary in short periods of time. They include emotions, well-being, health, cognitive state. Each characteristic has many representation methods and psychological models. The different models can be combined or one model can be preset for each characteristic. This depends on the use-case and the design choices. == Areas == Research into character computing can be divided into three areas, which complement each other but can each be investigated separately. The first area is sensing and predicting character states and traits or ensuing behavior. The second area is adapting applications to certain character states or traits and the behavior they predict. It also deals with trying to change or monitor such behavior. The final area deals with creating artificial agents e.g., chatbots or virtual reality avatars that exhibit certain characteristics. The three areas are investigated separately and build on existing findings in the literature. The results of each of the three areas can also be used as a stepping stone for the next area. Each of the three areas has already been investigated on its own in different research fields with focus on different subsets of character. For example, affective computing and personality computing both cover different areas with a focus on some character components without the others to account for human behavior. == The Character-Behavior-Situation triad == Character computing is based on a holistic psychologically driven model of human behavior. Human behavior is modeled and predicted based on the relationships between a situation and a human's character. To further define character in a more formal or holistic manner, we represent it in light of the Character–Behavior–Situation triad. This highlights that character not only determines who we are but how we are, i.e., how we behave. The triad investigated in Personality Psychology is extended through character computing to the Character–Behavior–Situation triad. Any member of the CBS triad is a function of the two other members, e.g., given the situation and personality, the behavior can be predicted. Each of the components in the triad can be further decomposed into smaller units and features that may best represent the human's behavior or character in a particular situation. Character is thus behind a person's behavior in any given situation. While this is a causality relation, the correlation between the three components is often more easily used to predict the components that are most difficult to measure from those measured more easily. There are infinitely many components to include in the representation of any of C, B, and S. The challenge is always to choose the smallest subset needed for prediction of a person's behavior in a particular situation.
PGP word list
The PGP Word List ("Pretty Good Privacy word list", also called a biometric word list for reasons explained below) is a list of words for conveying data bytes in a clear unambiguous way via a voice channel. They are analogous in purpose to the NATO phonetic alphabet, except that a longer list of words is used, each word corresponding to one of the 256 distinct numeric byte values. == History and structure == The PGP Word List was designed in 1995 by Patrick Juola, a computational linguist, and Philip Zimmermann, creator of PGP. The words were carefully chosen for their phonetic distinctiveness, using genetic algorithms to select lists of words that had optimum separations in phoneme space. The candidate word lists were randomly drawn from Grady Ward's Moby Pronunciator list as raw material for the search, successively refined by the genetic algorithms. The automated search converged to an optimized solution in about 40 hours on a DEC Alpha, a particularly fast machine in that era. The Zimmermann–Juola list was originally designed to be used in PGPfone, a secure VoIP application, to allow the two parties to verbally compare a short authentication string to detect a man-in-the-middle attack (MiTM). It was called a biometric word list because the authentication depended on the two human users recognizing each other's distinct voices as they read and compared the words over the voice channel, binding the identity of the speaker with the words, which helped protect against the MiTM attack. The list can be used in many other situations where a biometric binding of identity is not needed, so calling it a biometric word list may be imprecise. Later, it was used in PGP to compare and verify PGP public key fingerprints over a voice channel. This is known in PGP applications as the "biometric" representation. When it was applied to PGP, the list of words was further refined, with contributions by Jon Callas. More recently, it has been used in Zfone and the ZRTP protocol, the successor to PGPfone. The list is actually composed of two lists, each containing 256 phonetically distinct words, in which each word represents a different byte value between 0 and 255. Two lists are used because reading aloud long random sequences of human words usually risks three kinds of errors: 1) transposition of two consecutive words, 2) duplicate words, or 3) omitted words. To detect all three kinds of errors, the two lists are used alternately for the even-offset bytes and the odd-offset bytes in the byte sequence. Each byte value is actually represented by two different words, depending on whether that byte appears at an odd or an even offset from the beginning of the byte sequence. The two lists are readily distinguished by the number of syllables; the odd list has words of three syllables, the even list has two. The two lists have a maximum word length of 11 and 9 letters, respectively. Using a two-list scheme was suggested by Zhahai Stewart. == Examples == Each byte in a bytestring is encoded as a single word. A sequence of bytes is rendered in network byte order, from left to right. For example, the leftmost (i.e. byte 0) is considered "even" and is encoded using the PGP Even Word table. The next byte to the right (i.e. byte 1) is considered "odd" and is encoded using the PGP Odd Word table. This process repeats until all bytes are encoded. Thus, "E582" produces "topmost Istanbul", whereas "82E5" produces "miser travesty". A PGP public key fingerprint that displayed in hexadecimal as E582 94F2 E9A2 2748 6E8B 061B 31CC 528F D7FA 3F19 would display in PGP Words (the "biometric" fingerprint) as topmost Istanbul Pluto vagabond treadmill Pacific brackish dictator goldfish Medusa afflict bravado chatter revolver Dupont midsummer stopwatch whimsical cowbell bottomless The order of bytes in a bytestring depends on endianness. == Other word lists for data == There are several other word lists for conveying data in a clear unambiguous way via a voice channel: the NATO phonetic alphabet maps individual letters and digits to individual words the S/KEY system maps 64 bit numbers to 6 short words of 1 to 4 characters each from a publicly accessible 2048-word dictionary. The same dictionary is used in RFC 1760 and RFC 2289. the Diceware system maps five base-6 random digits (almost 13 bits of entropy) to a word from a dictionary of 7,776 distinct words. the Electronic Frontier Foundation has published a set of improved word lists based on the same concept FIPS 181: Automated Password Generator converts random numbers into somewhat pronounceable "words". mnemonic encoding converts 32 bits of data into 3 words from a vocabulary of 1626 words. what3words encodes geographic coordinates in 3 dictionary words. the BIP39 standard permits encoding a cryptographic key of fixed size (128 or 256 bits, usually the unencrypted master key of a Cryptocurrency wallet) into a short sequence of readable words known as the seed phrase, for the purpose of storing the key offline. This is used in cryptocurrencies such as Bitcoin or Monero. Like the PGP word list, the Bytewords standard maps each possible byte to a word. There is only one list, rather than two. The words are uniformly four letters long and can be uniquely identified by their first and last letters
Back-Up Interceptor Control
Backup Interceptor Control (BUIC, ) was the Electronic Systems Division 416M System to backup the SAGE 416L System in the United States and Canada. BUIC deployed Cold War command, control, and coordination systems to SAGE radar stations to create dispersed NORAD Control Centers. == Background == Prior to the SAGE Direction Centers becoming operational, the USAF deployed data link systems at NORAD Control Centers with ground computers for controlling crewed interceptors. After SAGE IBM AN/FSQ-7 Combat Direction Centrals became operational and the Super Combat Centers with improved (digital) computers were cancelled, a backup to SAGE was planned in the event the above-ground SAGE Air Defense Direction Center failed. == General Electric AN/GPA-37 Course Directing Group == BUIC began with deployment of General Electric AN/GPA-37 Course Directing Groups to several Long Range Radar stations. Units designated included the "U.S. Air Force 858th Air Defense Group (BUIC) [which became] a permanent operating facility" at Naval Air Station Fallon in Nevada. == BUIC II == BUIC II was used to command and control sites using the Burroughs AN/GSA-51 Radar Course Directing Group. North Truro AFS became the first ADC installation configured for BUIC II. == BUIC III == The AN/GYK-19 (initially AN/GSA-51A) was an upgraded version of the BUIC II system designated AN/GSA-51A and required a larger building than the AN/GSA-51. The first BUIC III site was Fort Fisher AFS, and Air Defense Command's was first installed at Fort Fisher Air Force Station, North Carolina. Although more advanced systems were contemplated, the final design of the BUIC III system was an upgraded version of the BUIC II with around twice the performance. == Closure and upgrade == In 1972, the USAF decided to shut down most of the BUIC sites; most of the sites mothballed by 1974, except for the BUIC III site at Tyndall Air Force Base. In Canada the BUIC site at Senneterre was shut down, but St Margarets remained open. The remaining sites were closed between 1983-1984 when SAGE was replaced by the Joint Surveillance System. The AN/FYQ-47 Common Digitizer for the Joint Surveillance System, and the Radar Video Data Processor (RVDP) was a combined system for the Air Force and Federal Aviation Administration (FAA), it replaced the SAGE Burroughs AN/FST-2 Coordinate Data Transmitting Sets.
Key Transparency
Key Transparency allows communicating parties to verify public keys used in end-to-end encryption. In many end-to-end encryption services, to initiate communication a user will reach out to a central server and request the public keys of the user with which they wish to communicate. If the central server is malicious or becomes compromised, a man-in-the-middle attack can be launched through the issuance of incorrect public keys. The communications can then be intercepted and manipulated. Additionally, legal pressure could be applied by surveillance agencies to manipulate public keys and read messages. With Key Transparency, public keys are posted to a public log that can be universally audited. Communicating parties can verify public keys used are accurate.
CPT Corporation
CPT Corporation was founded in 1971 by Dean Scheff in Minneapolis, Minnesota, with co-founders James Wienhold and Richard Eichhorn. CPT first designed, manufactured, and marketed the CPT 4200, a dual-cassette-tape machine that controlled a modified IBM Selectric typewriter to support text editing and word processing. The CPT 4200 was followed in 1976 by the CPT VM (Visual Memory), a partial-page display-screen dual-cassette-tape unit, and shortly thereafter by the CPT 8000, a full-page display dual-diskette desktop microcomputer that drove stand-alone daisy wheel printers. Subsequent products included (1) variants on the 8000 series; (2) the CPT 6000 series, which had a lower capacity, smaller screen, and was less expensive; (3) the CPT 9000 series, which had a larger capacity and could run IBM personal computer software; (4) the CPT Phoenix series, which had a graphical capabilities; (5) CPT PT, a software-only reduced version that ran on IBM personal computers and clones; and (6) other related products. The CPT logo—originally three letters chosen to sound well together—began to be taken as an acronym for "cassette powered typewriting," and subsequently for "computer processed text," and numerous other variants. Major competition was IBM, Wang, Lanier, Xerox, and other word processing vendors. CPT Corporation was fifth in size among Minnesota-based top high-tech companies, after 3M, Honeywell, Control Data, and Medtronic. Corporate revenues grew to approximately a quarter-billion dollars per year in the mid-1980s, then declined with the proliferation of personal computers. CPT ultimately ceased major manufacturing late in the 20th century. == Selected products == === Cassette based === The CPT 4200 was a dual-cassette-tape unit with a small built-in keyboard that controlled a modified IBM Selectric typewriter. Keystrokes entered on the typewriter appeared on the paper as they were recorded on the output cassette, which formed a magnetic replica of the characters printed on the page. That output cassette could later be used as an input cassette, where it would be played back to the typewriter along with new keystrokes to accomplish text editing. The keyboard of the CPT 4200 had action keys for "skip", "read" and "stop", mode keys for "word", "line", "paragraph," and "page." Pressing "read" transferred a word, line, paragraph, or page (depending on which mode key had been selected) from the input tape to both the typewriter and the output tape. Line boundaries (aka printer margins) recorded on the input tape were ignored or retained depending on whether or not the "adjust" key had been selected. Alternatively, pressing "skip" moved past the corresponding amount of text on the input tape without sending it to the typewriter or to the output tape. The Selectric's keyboard was active for any new typing, which would appear on the paper and transferred to the output tape. Thus a document was edited by reading back those parts of the text to be retained and skipping those parts to be discarded, with new typing added from the Selectric's keyboard. Price: approx. $5000, 1980-era values. The CPT Communicator was an add-on to the CPT 4200 that allowed data to be transferred from one text-editing machine to another, or between a text-editing machine and a remote computer, via phone lines. Price: not available. === Microprocessor based === ==== CPT 8000 series ==== The CPT 8000 was the company's first microcomputer product, exhibited in spring of 1976. It was a self-contained desktop machine with two 8-inch floppy diskette drives, a movable keyboard, and a full-page vertically oriented CRT display simulating paper with black characters on a white background, for a wysiwyg view of text on paper. It was promoted as familiar and easy to use for those experienced with typewriters. A keyboard with a large set of extra keys made operating the 8000 quite easy even for people without any computer skills or background. IN, OUT, PRINT, OOPS OOPS was changed thinking it was insulting to the buyer to assume they would ever make an error. The CPT 8000 was designed to show a full page of text with a static line showing the margin and tab stops. An additional line would display status or error messages with a times square like display. The times square error and status messages were very well done, "The printer needs a new ribbon" rather than "ERROR 034892". The text page could both smooth pan and scroll by the hardware in the display board and nothing quite like it existed for a very long time. The 8000 ran its own multitasking hardware interrupt-driven operating system but it also ran CP/M quite well. So unlike other companies that sold Wordprocessor only systems, CPT had a system that could run any of the many popular CP/M applications. Using the CP/M OS users could develop Fortran, CBasic, Cobol and other language's programs. The 8000 used Intel's 8080 microprocessor. The display board was bleeding-edge, high-speed logic. The parts available at this time were pushed to their limits to provide the speed needed to display this much text. There were times that batches of parts from one manufacturer simply could not be clocked as fast as the 8000 display required. Memory was initially 64K, but larger boards of 128K were most common then later 256K were offered. The 8080 accessed this additional RAM by running a custom page flipping circuit. The 8000 was originally priced at $8000 and its daisy wheel printer an additional $8000. The model number having been confused with the price at its first appearance at the Hanover fair. An RS-232 serial communication option was available for the 8000 series that allowed the electronic transfer of documents. One very popular use of this was to access the Westlaw system. A tempest approved version of the 8000 was developed that was RF tight with nothing being emitted that could be monitored or spied on. === Storage Systems === ==== CPT WordPak ==== The CPT WordPak series was CPT's first external document storage system that enabled multiple 8000 series workstations to store documents in an electronic filing cabinet. Prior to WordPak, all documents were stored on removable 8-inch floppy diskettes. Sharing documents involved handing off the original disk, or copying the document to a second disk and 'sneaker-net-ing' (walking it over) to the second 8000. But this resulted in two copies of the document, one at each workstation. A circuit board with a proprietary cable connector was installed in the 8000/6000 family of "workstations" and connected to the WordPak by a multi-conductor cable. WordPak 1 consisted of a single Shugart Associates SA4000 14"-diameter hard disk with a capacity of 30 megabytes. WordPak 2 added a 2nd drive for a total of 60 megabytes. ==== CPT SRS 45 ==== The CPT SRS 45 was what would now be called a server (quite likely the first of its kind) but in practice was much more. It was maybe the worlds easiest networking shared resource system. It combined a ZIP drive for backup and hard disk(s) that would be shared simultaneously by up to eight CPT machines that had the PC AT bus. The primary person responsible for its development was Bill Davidson whose wife Cheryl was responsible for bringing up CP/M, MP/M and other Digital Research products running on the Phoenix. The brilliance of the system were the networking cards that plugged into the individual machines. These used the 55AA installable driver of the IBM BIOS to simply add the zip and hard disk drives to each computers drives list. So a system that started with floppy drives A and B and a C hard disk on the machine would have the SRS 45 drives added as drives D (E, F depending on the number of hard disk) and Z for the zip drive. Sharing (avoiding writing to the same file at the same time) was handled by simply assigning parts of the drives for individuals and other directories for shared use. No "driver" software was needed. You simply plugged in the networking card and your machine had additional drives that were internal to the SRS45. This approach was far ahead of its time and sadly never recognized for its brilliance. The SRS45 as were all CPT machines not just dedicated Word Processors. === Personal-computer based === ==== CPT PT software ==== CPT PT was a reduced a version of the software that ran under MS-DOS as an application on IBM PC compatible computers. The corporation intended it as a bridge to allow data to flow in and out of personal computer packages, as well as providing a personal-computer word processing application for those familiar with standalone CPT equipment or who preferred the CPT style of dual-window text editing. Price: approx. $200, 1980-era values. ==== CPT Genius Display ==== The Genius display was a stand-alone, vertically-oriented (portrait) configuration monochrome grey-scale CRT monitor unit and an IBM PC form factor display card to allow high-resolution, full-page text & graphics on IBM PC compatible computers.
Vans challenge
The Vans challenge is a viral internet challenge that began in March 2019 where people show their Vans shoes landing right-side up after tossing them in the air. The viral sensation reportedly started after a Twitter user shared a video of the occurrence, which was captioned: “Did you know it doesn’t matter how you throw your Vans they will land facing up.” Since then, multiple people on social media posted similar videos of them throwing their Vans in the air and landing right-side up, along with Crocs, UGG boots, and other popular shoes. This theory proved false, as these shoes have not always landed facing up after tossing them.