Communications security is the discipline of preventing unauthorized interceptors from accessing telecommunications in an intelligible form, while still delivering content to the intended recipients. In the North Atlantic Treaty Organization culture, including United States Department of Defense culture, it is often referred to by the abbreviation COMSEC. The field includes cryptographic security, transmission security, emissions security and physical security of COMSEC equipment and associated keying material. COMSEC is used to protect both classified and unclassified traffic on military communications networks, including voice, video, and data. It is used for both analog and digital applications, and both wired and wireless links. Voice over secure internet protocol VOSIP has become the de facto standard for securing voice communication, replacing the need for Secure Terminal Equipment (STE) in much of NATO, including the U.S.A. USCENTCOM moved entirely to VOSIP in 2008. == Specialties == Cryptographic security: The component of communications security that results from the provision of technically sound cryptosystems and their proper use. This includes ensuring message confidentiality and authenticity. Emission security (EMSEC): The protection resulting from all measures taken to deny unauthorized persons information of value that might be derived from communications systems and cryptographic equipment intercepts and the interception and analysis of compromising emanations from cryptographic equipment, information systems, and telecommunications systems. Transmission security (TRANSEC): The component of communications security that results from the application of measures designed to protect transmissions from interception and exploitation by means other than cryptanalysis (e.g. frequency hopping and spread spectrum). Physical security: The component of communications security that results from all physical measures necessary to safeguard classified equipment, material, and documents from access thereto or observation thereof by unauthorized persons. == Related terms == ACES – Automated Communications Engineering Software AEK – Algorithmic Encryption Key AKMS – the Army Key Management System CCI – Controlled Cryptographic Item - equipment which contains COMSEC embedded devices CT3 – Common Tier 3 DTD – Data Transfer Device ICOM – Integrated COMSEC, e.g. a radio with built in encryption KEK – Key Encryption Key KG-30 – family of COMSEC equipment KOI-18 – Tape Reader General Purpose KPK – Key production key KYK-13 – Electronic Transfer Device KYX-15 – Electronic Transfer Device LCMS – Local COMSEC Management Software OTAR – Over the Air Rekeying OWK – Over the Wire Key SKL – Simple Key Loader SOI – Signal operating instructions STE – Secure Terminal Equipment (secure phone) STU-III – (obsolete secure phone, replaced by STE) TED – Trunk Encryption Device such as the WALBURN/KG family TEK – Traffic Encryption Key TPI – Two person integrity TSEC – Telecommunications Security (sometimes referred to in error transmission security or TRANSEC) Types of COMSEC equipment: Authentication equipment Crypto equipment: Any equipment that embodies cryptographic logic or performs one or more cryptographic functions (key generation, encryption, and authentication). Crypto-ancillary equipment: Equipment designed specifically to facilitate efficient or reliable operation of crypto-equipment, without performing cryptographic functions itself. Crypto-production equipment: Equipment used to produce or load keying material == DoD Electronic Key Management System == The Electronic Key Management System (EKMS) is a United States Department of Defense (DoD) key management, COMSEC material distribution, and logistics support system. The National Security Agency (NSA) established the EKMS program to supply electronic key to COMSEC devices in securely and timely manner, and to provide COMSEC managers with an automated system capable of ordering, generation, production, distribution, storage, security accounting, and access control. The Army's platform in the four-tiered EKMS, AKMS, automates frequency management and COMSEC management operations. It eliminates paper keying material, hardcopy Signal operating instructions (SOI) and saves the time and resources required for courier distribution. It has 4 components: LCMS provides automation for the detailed accounting required for every COMSEC account, and electronic key generation and distribution capability. ACES is the frequency management portion of AKMS. ACES has been designated by the Military Communications Electronics Board as the joint standard for use by all services in development of frequency management and crypto-net planning. CT3 with DTD software is in a fielded, ruggedized hand-held device that handles, views, stores, and loads SOI, Key, and electronic protection data. DTD provides an improved net-control device to automate crypto-net control operations for communications networks employing electronically keyed COMSEC equipment. SKL is a hand-held PDA that handles, views, stores, and loads SOI, Key, and electronic protection data. == Key Management Infrastructure (KMI) Program == KMI is intended to replace the legacy Electronic Key Management System to provide a means for securely ordering, generating, producing, distributing, managing, and auditing cryptographic products (e.g., asymmetric keys, symmetric keys, manual cryptographic systems, and cryptographic applications). This system is currently being fielded by Major Commands and variants will be required for non-DoD Agencies with a COMSEC Mission.
Visible (mobile app)
Visible is a health tracking mobile app for people with long COVID and myalgic encephalomyelitis/chronic fatigue syndrome (ME/CFS). The company was founded by a Harry Leeming, an engineer from London living with long Covid since 2020, and Luke Martin-Fuller. In November 2022, Visible released an open beta of an app that aims to help people pace their activities to avoid post-exertional malaise. The app gathers data on exertion levels, symptom severity, and heart-rate variability. HRV is approximated using a smartphone's camera via a technique called photoplethysmography, and according to the app's developers, can indicate how much someone needs rest. The app is currently free, but is expected to be freemium in the future. Users can also opt to allow their data be used for research purposes. In July 2023, Visible and Imperial College London announced the start of the first two studies. One is on the effects of the menstrual cycle on long COVID symptoms, and the other is on the condition's epidemiology and economic impact. Visible has announced plans to couple the app with activity trackers for continuous monitoring of heart-rate and actimetry data, which the developers claim will be more effective. As of 2022, no clinical trials on Visible's effectiveness have been conducted.
Kai's Power Tools
Kai's Power Tools (KPT) are a set of API plugins created by the German computer scientist Kai Krause in 1992 that were designed for use with Adobe Photoshop and Corel Photo-Paint. Kai's Power Tools were sold to Corel in 2000 when MetaCreations was closed. There are various versions of Kai's Power Tools. KPT 3, 5, 6, and X sets are compilations of different filters. The program interface features a reward-based function in which a bonus function is revealed as the user moves towards more complex aspects of the tool. == Filters == The KPT Convolver is a mathematics based filter; the level of precision and varying effects can be achieved by using numerical values of colour, tint, hue, saturation, contrast, brightness, luminosity, and posterize. The KPT Projector takes the current image or selection and offers a number of interactive perspective warp effects. To a large extent, with its draggable distortion handles and its moving, scaling and rotating options, this simply duplicates Adobe Photoshop's Free Transform capabilities. What is completely different is the ability to rotate the bitmap image in 3D space and to tile the results if desired. It can also animate the distortions by dragging keyframes from the preview window into an animation palette. KPT 6 will then preview the animation and output it to various sizes in avi or mov format. This animation capability is even more useful with the KPT Turbulence filter. This is another distortion filter, but one that treats the image as if it was completely liquid. The preview panel shows the animation in real time. The KPT Goo filter is used to produce a single frame freeform liquid distortion. This filter is available both with KPT 6 and the standalone version. It works by effectively turning a bitmap image into a liquid that can be interactively smeared, smudged, twirled, and pinched with the range of tools on offer. The obvious use is to distort photographic portraits into caricatures. KPT Materializer can create advanced surface textures based on bump maps that define troughs and peaks. It can use any external image for the basis of the bump map or alternatively the user can pick out the hue, saturation, luminance or red, green, or blue channel of the current image. It can then offset, scale and rotate the texture map, control its lighting, and even blend in a reflection map. The filter can be used for anything from providing an oil-painting feel to an entire image, to giving the illusion of depth to a selection. Also producing the impression of depth is the KPT Gel filter which uses various paint tools to synthesize photo-realistic 3D materials such as metals, liquids, or plastics. Gel painting is very different from traditional 2D painting as the brush strokes pool together when they touch and refract the underlying image. It can also manipulate 3D paint—once it has been added—by twirling, pinching, and carving it. The opposite is true of the Equalizer filter, which is used for applying variations on sharpening effects. The filter has three modes. The first mode, Equalizer, looks and works rather like the graphic equalizer on a stereo system, enabling adjustment of the level of pixel contrast within nine bands of different visual frequencies. The second mode, Contrast Sharpen, allows for increasing the contrast between light and dark areas in an image. The third mode, Bounded Sharpen, can sharpen an image without causing oversharpening, which can lead to halo effects. This feature is particularly useful when pulling out the detail in an image softened by resizing. KPT SceneBuilder is used for producing photorealistic 3D scenes by importing and rendering 3DS files. The main image window offers three tabs for editing in 2D and 3D mode and for setting up the object's final texture. Many users regard this filter as being the most impressive because it acts as a standalone 3D rendering tool and provides control over everything from transparency, reflection, refraction, bump mapping through to multiple light sources, and so on but without the ability to create or edit objects. The final filter, KPT SkyEffects, also has its roots in Metacreations' experience with 3D programs such as Bryce and RayDream. This filter is designed to simulate the interaction between the light from the sun or moon with no less than six atmospheric layers of haze, fog and cloud. The filter is typical of the KPT 6 collection as a whole: at times the interface is inspired and offers the ability to create beautiful reddening sunsets simply by interactively dragging the sun toward the horizon, producing realistic sunsets and moonscapes. == Other effects == Kai's Power Tools 6 features a lens flare effect for precisely managing the type of glow, halo, streaks, and reflection. The addition of a library of preset effects helps to overcome this by allowing the user to choose a standard effect and then interactively position the flare in the image preview. KPT 6 provides a new engine in the form of the KPT Reaction, which takes a reaction seed and turns it into a seamlessly tiling pattern based on a reaction diffusion process. It offers random noise, regular dots or reticulated voronoi patterns or a bitmap image itself as the seed. Corel has no plans for any updates.
Drops (app)
Drops is a language learning app that was created in Estonia by Daniel Farkas and Mark Szulyovszky in 2015. It is the second product from the company, after their first app, LearnInvisible, had issues in retaining a user's engagement over the required time period. The languages available include Native Hawaiian and Māori, and was classified as one of the fifty "Most Innovative Companies" for 2019 by Fast Company. The company partnered with Global Eagle Entertainment to include Travel Talk, a feature intended to focus on words and phrases frequently used by travelers. At the beginning of the COVID-19 pandemic in March 2020, the number of users increased by 55 percent in the United States and 92 percent in the United Kingdom. Droplets, a language app for children, includes profiles for multiple teachers working with remote students. The company also produces an app called Scripts, intended to help users learn to write alphabets. The app was purchased by the Norwegian company Kahoot! on 24 November 2020.
Artifact (app)
Artifact was a personalized social news aggregator app that uses recommender systems to suggest articles. Launched in January 2023 by Nokto, Inc., a company founded by co-founders of Instagram Kevin Systrom and Mike Krieger, the app is available for iOS and Android. The app's name is a portmanteau of the words "articles", "artificial intelligence", and "fact". The app shut down in January 2024 as a result of low interest. == History == Nokto, Inc. was established on March 3, 2022, as a foreign stock company in California, with its headquarters in San Francisco. The company's main product, Artifact, is the first new product launched by Krieger and Systrom since their 2018 resignation from Instagram after conflicts with parent company Meta, which acquired Instagram in 2012. Artifact launched on January 31, 2023, after the team had been working on it for over a year, offering the option to sign up for a waiting list for its private beta, which grew to about 160,000 people, and then launching in open beta on February 22, 2023. With a team of seven employees in San Francisco, the app was free throughout its lifetime, with the founders explaining at the time that different business models - such as advertising or subscription fees - could be explored in the future. In January 2024, cofounder Kevin Systrom announced that the app would be shutting down after concluding that "the market opportunity isn’t big enough to warrant continued investment in this way." In April 2024, it was announced Artifact had been acquired by Yahoo, who intended to use the service's technology in an upgraded Yahoo! News app. == Features == Frequently described as "TikTok for text" and a competitor to Twitter, Artifact was a news aggregator that used machine learning to make personalized recommendations based on topics, news sources, and authors that the reader is interested in. In addition to reading articles, the app offered the ability to like articles, leave comments, or listen to an audio version of an article read by AI-generated voices, including a simulation of the voices of Snoop Dogg or Gwyneth Paltrow. AI also would rewrite clickbait headlines that users flagged. Artifact later expanded to a social network where users could post links, images and text to their profile, which could be liked or commented on by other users. Similar to other social news websites like Reddit, reader accounts had profiles with reputation scores.
Web application firewall
A Web application firewall (WAF) is a specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web service. By inspecting HTTP traffic, it can prevent attacks exploiting a Web application's known vulnerabilities, such as SQL injection, cross-site scripting (XSS), file inclusion, and improper system configuration. Financial institutions often utilize WAFs to help in the mitigation of Web application zero-day vulnerabilities, as well as hard-to-patch bugs or weaknesses through custom attack signature strings. == History == Dedicated Web application firewalls entered the market in the late 1990s during a time when web server attacks were becoming more prevalent. Early WAF products, from Kavado and Gilian technologies, tried to solve the increasing amount of attacks on Web applications in the late 1990s. In 2002, the open-source project ModSecurity was formed in order to make WAF technology more accessible. They finalized a core rule set for protecting Web applications, based on OASIS Web Application Security Technical Committee’s (WAS TC) vulnerability work. In 2003, they expanded and standardized rules through the Open Web Application Security Project’s (OWASP) Top 10 List, an annual ranking for Web security vulnerabilities. This list would become the industry standard for Web application security compliance. Since then, the market has continued to grow and evolve, especially focusing on credit card fraud prevention. With the development of the Payment Card Industry Data Security Standard (PCI DSS), a standardization of control over cardholder data, security has become more regulated in this sector. == Description == A Web application firewall is a special type of application firewall that applies specifically to Web applications. It is deployed in front of Web applications and analyzes bi-directional web-based (HTTP) traffic – detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the Web application level which – from a technical point of view – does not depend on the application itself”. According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a Web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a virtual or physical appliance that prevents vulnerabilities in Web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule-sets, also known as policies. Previously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A Web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines Web applications for potential security vulnerabilities. In addition to searching for Web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application, but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique Web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary. WAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy. WAFs typically follow a positive security model, a negative security, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. In general, features like browser emulation, obfuscation and virtualization, and IP obfuscation are used to attempt to bypass WAFs. The OWASP produces a list of the top ten Web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open-source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine. == Deployment options == Although the names for operating mode may differ, WAFs are basically deployed inline in three different ways. According to NSS Labs, deployment options are transparent bridge, transparent reverse proxy, and reverse proxy. "Transparent" refers to the fact that the HTTP traffic is sent straight to the Web application, therefore the WAF is transparent between the client and server. This is in contrast to reverse proxy, where the WAF acts as a proxy, and the client’s traffic is sent directly to the WAF. The WAF then separately sends filtered traffic to Web applications. This can provide additional benefits such as IP masking but may introduce disadvantages such as performance latencies. == JA3 fingerprint == JA3, developed by Salesforce in 2017, is a technique for generating a unique fingerprint for SSL/TLS traffic based on specific fields in the handshake, such as the version, cipher suites, and extensions used by the client. This fingerprint enables the identification and tracking of clients based on the characteristics of their encrypted traffic. In the context of distributed denial of service (DDoS) protection, JA3 fingerprints are used to detect and differentiate malicious traffic, often associated with attack bots, from legitimate traffic, allowing for more precise filtering of potential threats. In September 2023, AWS WAF announced built-in support for JA3, enabling customers to inspect the JA3 fingerprints of incoming requests. JA3 was deprecated in May 2025 in favor of JA4. JA4 is currently patent pending.
AARON
AARON is the collective name for a series of computer programs written by artist Harold Cohen that create original artistic images autonomously, which set it apart from previous programs. Proceeding from Cohen's initial question "What are the minimum conditions under which a set of marks functions as an image?", AARON was in development between 1972 and the 2010s. As the software is not open source, its development effectively ended with Cohen's death in 2016. The name "AARON" does not seem to be an acronym; rather, it was a name chosen to start with the letter "A" so that the names of successive programs could follow it alphabetically. However, Cohen did not create any other major programs. Initial versions of AARON created abstract drawings that grew more complex through the 1970s. More representational imagery was added in the 1980s; first rocks, then plants, then people. In the 1990s more representational figures set in interior scenes were added, along with color. AARON returned to more abstract imagery, this time in color, in the early 2000s. Cohen used machines that allowed AARON to produce physical artwork. The first machines drew in black and white using a succession of custom-built "turtle" and flatbed plotter devices. Cohen would sometimes color these images by hand in fabric dye (Procion), or scale them up to make larger paintings and murals. In the 1990s Cohen built a series of digital painting machines to output AARON's images in ink and fabric dye. His later work used a large-scale inkjet printer on canvas. Development of AARON began in the C programming language then switched to Lisp in the early 1990s. Cohen credits Lisp with helping him solve the challenges he faced in adding color capabilities to AARON. An article about Cohen appeared in Computer Answers that describes AARON and shows two line drawings that were exhibited at the Tate gallery. The article goes on to describe the workings of AARON, then running on a DEC VAX 750 minicomputer. Raymond Kurzweil's company has produced a downloadable screensaver of AARON for Microsoft Windows PCs. This version of AARON can also produce printable images. AARON's source code is not publicly available, but Cohen has described AARON's operations in various essays and it is discussed in abstract in Pamela McCorduck's book. AARON cannot learn new styles or imagery on its own; each new capability must be hand-coded by Cohen. It is capable of producing a practically infinite supply of distinct images in its own style. Examples of these images have been exhibited in galleries worldwide. AARON's artwork has been used as an artistic equivalent of the Turing test. It does seem however that AARON's output follows a noticeable formula (figures standing next to a potted plant, framed within a colored square is a common theme). Cohen is very careful not to claim that AARON is creative. But he does ask "If what AARON is making is not art, what is it exactly, and in what ways, other than its origin, does it differ from the 'real thing?' If it is not thinking, what exactly is it doing?" — The further exploits of AARON, Painter. The Whitney Museum featured AARON in 2024, showcasing the evolution of AARON as the earliest artificial intelligence (AI) program for artmaking.