In computer science, in particular in automata theory, a two-way finite automaton is a finite automaton that is allowed to re-read its input. == Two-way deterministic finite automaton == A two-way deterministic finite automaton (2DFA) is an abstract machine, a generalized version of the deterministic finite automaton (DFA) which can revisit characters already processed. As in a DFA, there are a finite number of states with transitions between them based on the current character, but each transition is also labelled with a value indicating whether the machine will move its position in the input to the left, right, or stay at the same position. Equivalently, 2DFAs can be seen as read-only Turing machines with no work tape, only a read-only input tape. 2DFAs were introduced in a seminal 1959 paper by Rabin and Scott, who proved them to have equivalent power to one-way DFAs. That is, any formal language which can be recognized by a 2DFA can be recognized by a DFA which only examines and consumes each character in order. Since DFAs are obviously a special case of 2DFAs, this implies that both kinds of machines recognize precisely the class of regular languages. However, the equivalent DFA for a 2DFA may require exponentially many states, making 2DFAs a much more practical representation for algorithms for some common problems. 2DFAs are also equivalent to read-only Turing machines that use only a constant amount of space on their work tape, since any constant amount of information can be incorporated into the finite control state via a product construction (a state for each combination of work tape state and control state). == Formal description == Formally, a two-way deterministic finite automaton can be described by the following 8-tuple: M = ( Q , Σ , L , R , δ , s , t , r ) {\displaystyle M=(Q,\Sigma ,L,R,\delta ,s,t,r)} where Q {\displaystyle Q} is the finite, non-empty set of states Σ {\displaystyle \Sigma } is the finite, non-empty set of input symbols L {\displaystyle L} is the left endmarker R {\displaystyle R} is the right endmarker δ : Q × ( Σ ∪ { L , R } ) → Q × { l e f t , r i g h t } {\displaystyle \delta :Q\times (\Sigma \cup \{L,R\})\rightarrow Q\times \{\mathrm {left,right} \}} s {\displaystyle s} is the start state t {\displaystyle t} is the end state r {\displaystyle r} is the reject state In addition, the following two conditions must also be satisfied: For all q ∈ Q {\displaystyle q\in Q} δ ( q , L ) = ( q ′ , r i g h t ) {\displaystyle \delta (q,L)=(q^{\prime },\mathrm {right} )} for some q ′ ∈ Q {\displaystyle q^{\prime }\in Q} δ ( q , R ) = ( q ′ , l e f t ) {\displaystyle \delta (q,R)=(q^{\prime },\mathrm {left} )} for some q ′ ∈ Q {\displaystyle q^{\prime }\in Q} It says that there must be some transition possible when the pointer reaches either end of the input word. For all symbols σ ∈ Σ ∪ { L } {\displaystyle \sigma \in \Sigma \cup \{L\}} δ ( t , σ ) = ( t , R ) {\displaystyle \delta (t,\sigma )=(t,R)} δ ( r , σ ) = ( r , R ) {\displaystyle \delta (r,\sigma )=(r,R)} δ ( t , R ) = ( t , L ) {\displaystyle \delta (t,R)=(t,L)} δ ( r , R ) = ( r , L ) {\displaystyle \delta (r,R)=(r,L)} It says that once the automaton reaches the accept or reject state, it stays in there forever and the pointer goes to the right most symbol and cycles there infinitely. == Two-way nondeterministic finite automaton == A two-way nondeterministic finite automaton (2NFA) may have multiple transitions defined in the same configuration. Its transition function is δ : Q × ( Σ ∪ { L , R } ) → 2 Q × { l e f t , r i g h t } {\displaystyle \delta :Q\times (\Sigma \cup \{L,R\})\rightarrow 2^{Q\times \{\mathrm {left,right} \}}} . Like a standard one-way NFA, a 2NFA accepts a string if at least one of the possible computations is accepting. Like the 2DFAs, the 2NFAs also accept only regular languages. == Two-way alternating finite automaton == A two-way alternating finite automaton (2AFA) is a two-way extension of an alternating finite automaton (AFA). Its state set is Q = Q ∃ ∪ Q ∀ {\displaystyle Q=Q_{\exists }\cup Q_{\forall }} where Q ∃ ∩ Q ∀ = ∅ {\displaystyle Q_{\exists }\cap Q_{\forall }=\emptyset } . States in Q ∃ {\displaystyle Q_{\exists }} and Q ∀ {\displaystyle Q_{\forall }} are called existential resp. universal. In an existential state a 2AFA nondeterministically chooses the next state like an NFA, and accepts if at least one of the resulting computations accepts. In a universal state 2AFA moves to all next states, and accepts if all the resulting computations accept. == State complexity tradeoffs == Two-way and one-way finite automata, deterministic and nondeterministic and alternating, accept the same class of regular languages. However, transforming an automaton of one type to an equivalent automaton of another type incurs a blow-up in the number of states. Christos Kapoutsis determined that transforming an n {\displaystyle n} -state 2DFA to an equivalent DFA requires n ( n n − ( n − 1 ) n ) {\displaystyle n(n^{n}-(n-1)^{n})} states in the worst case. If an n {\displaystyle n} -state 2DFA or a 2NFA is transformed to an NFA, the worst-case number of states required is ( 2 n n + 1 ) = O ( 4 n n ) {\displaystyle {\binom {2n}{n+1}}=O\left({\frac {4^{n}}{\sqrt {n}}}\right)} . Ladner, Lipton and Stockmeyer. proved that an n {\displaystyle n} -state 2AFA can be converted to a DFA with 2 n 2 n {\displaystyle 2^{n2^{n}}} states. The 2AFA to NFA conversion requires 2 Θ ( n log n ) {\displaystyle 2^{\Theta (n\log n)}} states in the worst case, see Geffert and Okhotin. It is an open problem whether every 2NFA can be converted to a 2DFA with only a polynomial increase in the number of states. The problem was raised by Sakoda and Sipser, who compared it to the P vs. NP problem in the computational complexity theory. Berman and Lingas discovered a formal relation between this problem and the L vs. NL open problem, see Kapoutsis for a precise relation. == Sweeping automata == Sweeping automata are 2DFAs of a special kind that process the input string by making alternating left-to-right and right-to-left sweeps, turning only at the endmarkers. Sipser constructed a sequence of languages, each accepted by an n-state NFA, yet which is not accepted by any sweeping automata with fewer than 2 n {\displaystyle 2^{n}} states. == Two-way quantum finite automaton == The concept of 2DFAs was in 1997 generalized to quantum computing by John Watrous's "On the Power of 2-Way Quantum Finite State Automata", in which he demonstrates that these machines can recognize nonregular languages and so are more powerful than DFAs. == Two-way pushdown automaton == A pushdown automaton that is allowed to move either way on its input tape is called two-way pushdown automaton (2PDA); it has been studied by Hartmanis, Lewis, and Stearns (1965). Aho, Hopcroft, Ullman (1968) and Cook (1971) characterized the class of languages recognizable by deterministic (2DPDA) and non-deterministic (2NPDA) two-way pushdown automata; Gray, Harrison, and Ibarra (1967) investigated the closure properties of these languages.
Computer security compromised by hardware failure
Computer security compromised by hardware failure is a branch of computer security applied to hardware. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. Such secret information could be retrieved by different ways. This article focus on the retrieval of data thanks to misused hardware or hardware failure. Hardware could be misused or exploited to get secret data. This article collects main types of attack that can lead to data theft. Computer security can be compromised by devices, such as keyboards, monitors or printers (thanks to electromagnetic or acoustic emanation for example) or by components of the computer, such as the memory, the network card or the processor (thanks to time or temperature analysis for example). == Devices == === Monitor === The monitor is the main device used to access data on a computer. It has been shown that monitors radiate or reflect data on their environment, potentially giving attackers access to information displayed on the monitor. ==== Electromagnetic emanations ==== Video display units radiate: narrowband harmonics of the digital clock signals; broadband harmonics of the various 'random' digital signals such as the video signal. Known as compromising emanations or TEMPEST radiation, a code word for a U.S. government programme aimed at attacking the problem, the electromagnetic broadcast of data has been a significant concern in sensitive computer applications. Eavesdroppers can reconstruct video screen content from radio frequency emanations. Each (radiated) harmonic of the video signal shows a remarkable resemblance to a broadcast TV signal. It is therefore possible to reconstruct the picture displayed on the video display unit from the radiated emission by means of a normal television receiver. If no preventive measures are taken, eavesdropping on a video display unit is possible at distances up to several hundreds of meters, using only a normal black-and-white TV receiver, a directional antenna and an antenna amplifier. It is even possible to pick up information from some types of video display units at a distance of over 1 kilometer. If more sophisticated receiving and decoding equipment is used, the maximum distance can be much greater. ==== Compromising reflections ==== What is displayed by the monitor is reflected on the environment. The time-varying diffuse reflections of the light emitted by a CRT monitor can be exploited to recover the original monitor image. This is an eavesdropping technique for spying at a distance on data that is displayed on an arbitrary computer screen, including the currently prevalent LCD monitors. The technique exploits reflections of the screen's optical emanations in various objects that one commonly finds close to the screen and uses those reflections to recover the original screen content. Such objects include eyeglasses, tea pots, spoons, plastic bottles, and even the eye of the user. This attack can be successfully mounted to spy on even small fonts using inexpensive, off-the-shelf equipment (less than 1500 dollars) from a distance of up to 10 meters. Relying on more expensive equipment allowed to conduct this attack from over 30 meters away, demonstrating that similar attacks are feasible from the other side of the street or from a close by building. Many objects that may be found at a usual workplace can be exploited to retrieve information on a computer's display by an outsider. Particularly good results were obtained from reflections in a user's eyeglasses or a tea pot located on the desk next to the screen. Reflections that stem from the eye of the user also provide good results. However, eyes are harder to spy on at a distance because they are fast-moving objects and require high exposure times. Using more expensive equipment with lower exposure times helps to remedy this problem. The reflections gathered from curved surfaces on close by objects indeed pose a substantial threat to the confidentiality of data displayed on the screen. Fully invalidating this threat without at the same time hiding the screen from the legitimate user seems difficult, without using curtains on the windows or similar forms of strong optical shielding. Most users, however, will not be aware of this risk and may not be willing to close the curtains on a nice day. The reflection of an object, a computer display, in a curved mirror creates a virtual image that is located behind the reflecting surface. For a flat mirror this virtual image has the same size and is located behind the mirror at the same distance as the original object. For curved mirrors, however, the situation is more complex. === Keyboard === ==== Electromagnetic emanations ==== Computer keyboards are often used to transmit confidential data such as passwords. Since they contain electronic components, keyboards emit electromagnetic waves. These emanations could reveal sensitive information such as keystrokes. Electromagnetic emanations have turned out to constitute a security threat to computer equipment. The figure below presents how a keystroke is retrieved and what material is necessary. The approach is to acquire the raw signal directly from the antenna and to process the entire captured electromagnetic spectrum. Thanks to this method, four different kinds of compromising electromagnetic emanations have been detected, generated by wired and wireless keyboards. These emissions lead to a full or a partial recovery of the keystrokes. The best practical attack fully recovered 95% of the keystrokes of a PS/2 keyboard at a distance up to 20 meters, even through walls. Because each keyboard has a specific fingerprint based on the clock frequency inconsistencies, it can determine the source keyboard of a compromising emanation, even if multiple keyboards from the same model are used at the same time. The four different kinds way of compromising electromagnetic emanations are described below. ===== The Falling Edge Transition Technique ===== When a key is pressed, released or held down, the keyboard sends a packet of information known as a scan code to the computer. The protocol used to transmit these scan codes is a bidirectional serial communication, based on four wires: Vcc (5 volts), ground, data and clock. Clock and data signals are identically generated. Hence, the compromising emanation detected is the combination of both signals. However, the edges of the data and the clock lines are not superposed. Thus, they can be easily separated to obtain independent signals. ===== The Generalized Transition Technique ===== The Falling Edge Transition attack is limited to a partial recovery of the keystrokes. This is a significant limitation. The GTT is a falling edge transition attack improved, which recover almost all keystrokes. Indeed, between two traces, there is exactly one data rising edge. If attackers are able to detect this transition, they can fully recover the keystrokes. ===== The Modulation Technique ===== Harmonics compromising electromagnetic emissions come from unintentional emanations such as radiations emitted by the clock, non-linear elements, crosstalk, ground pollution, etc. Determining theoretically the reasons of these compromising radiations is a very complex task. These harmonics correspond to a carrier of approximately 4 MHz which is very likely the internal clock of the micro-controller inside the keyboard. These harmonics are correlated with both clock and data signals, which describe modulated signals (in amplitude and frequency) and the full state of both clock and data signals. This means that the scan code can be completely recovered from these harmonics. ===== The Matrix Scan Technique ===== Keyboard manufacturers arrange the keys in a matrix. The keyboard controller, often an 8-bit processor, parses columns one-by-one and recovers the state of 8 keys at once. This matrix scan process can be described as 192 keys (some keys may not be used, for instance modern keyboards use 104/105 keys) arranged in 24 columns and 8 rows. These columns are continuously pulsed one-by-one for at least 3μs. Thus, these leads may act as an antenna and generate electromagnetic emanations. If an attacker is able to capture these emanations, he can easily recover the column of the pressed key. Even if this signal does not fully describe the pressed key, it still gives partial information on the transmitted scan code, i.e. the column number. Note that the matrix scan routine loops continuously. When no key is pressed, we still have a signal composed of multiple equidistant peaks. These emanations may be used to remotely detect the presence of powered computers. Concerning wireless keyboards, the wireless data burst transmission can be used as an electromagnetic trigger to detect exactly when a key is pressed, while the matrix s
Spanish Network of Excellence on Cybersecurity Research
The Spanish Network of Excellence on Cybersecurity Research (RENIC), is a research initiative to promote cybersecurity interests in Spain. == Members == === Board of Directors (2018) === President: Universidad de Málaga Vice president: CSIC Treasurer: Universidad Politécnica de Madrid Secretary: Universidad de Granada Vocals: Tecnalia, Universidad de La Laguna and Universidad de Modragón === Board of Directors (2016) === President: Universidad Carlos III de Madrid Vice president: Universidad Politécnica de Madrid Treasurer: Universidad de Granada Secretary: Universidad de León Vocals: Gradiant, Tecnalia, Universidad de Málaga === Founding Members === Centro Andaluz de Innovación y Tecnologías de la Información y las Comunicaciones (CITIC). Consejo Superior de Investigaciones Científicas (CSIC). Centro Tecnolóxico de Telecomunicaciones de Galicia (Gradiant). Instituto Imdea Software. Instituto Nacional de Ciberseguridad (INCIBE). Mondragón Unibertsitatea. Tecnalia. Universidad Carlos III de Madrid. Universidad Castilla la Mancha. Universidad de Granada. Universidad de la Laguna. Universidad de León. Universidad de Málaga. Universidad de Murcia. Universidad de Vigo. Universidad Internacional de la Rioja. Universidad Politécnica de Madrid. Universidad Rey Juan Carlos. === Members === Consejo Superior de Investigaciones Científicas (CSIC). Centro Tecnolóxico de Telecomunicaciones de Galicia (Gradiant). Instituto Imdea Software. Instituto Nacional de Ciberseguridad (INCIBE). Mondragón Unibertsitatea. Tecnalia. Universidad Carlos III de Madrid. Universidad de Castilla-La Mancha. Universidad de Granada. Universidad de la Laguna. Universidad de León. Universidad de Málaga. Universidad de Murcia. Universidad de Vigo. Universidad Politécnica de Madrid. Universidad Rey Juan Carlos. Universitat Oberta de Catalunya. IKERLAN. === Honorary Members === Centre for the Development of Industrial Technology (CDTI). (2017) Instituto Nacional de Ciberseguridad (INCIBE). (2016) == Initiatives and Participations == RENIC is ECSO member, and is also a member of its board of directors. A collaboration agreement between RENIC and the Innovative Business Cluster on Cybersecurity (AEI Cybersecurity) has been signed. RENIC is pleased to sponsor the Cybersecurity Research National Conferences (JNIC) JNIC2017 edition, organized by Universidad Rey Juan Carlos. RENIC is pleased to announce the publication of the online version of the Catalog and knowledge map of cybersecurity research
Spotify Kids
Spotify Kids is a Swedish kid-friendly Music streaming service developed by Spotify. It offers curated content for children, including music, audiobooks, lullabies, and bedtime stories, while providing their parents with parental controls. The service is only available to subscribers to Spotify's Premium Family subscription plan. == Function == Spotify Kids is a Swedish Kid-friendly Music Streaming Service that allows children to browse Spotify with parental controls. Using the app, parents can view their children's listening history, block specific songs, and share playlists with their children. The app also includes sing-along songs, playlists designed for young children, and curated audiobooks, lullabies, and bedtime stories. Access is included in Spotify's Premium Family subscription plan, and is exclusive to subscribers to the plan. Users can configure the app for a specific age group upon first launch. The playlists on Spotify Kids are curated by groups including Discovery Kids, Nickelodeon, Universal Pictures, and The Walt Disney Company. All content on the Spotify Kids app is curated by editors. As of March 2021, there were roughly 8,000 songs available on the platform. The design of the Spotify Kids app is colorful, and user interface varies depending on the age group for which the app is configured. Spotify Kids is designed to comply with consent and data collection regulations for apps used by children. TechCrunch explains that it is "designed on a grand scale to drive subscriptions to Spotify's top-tier $14.99-per-month Premium Family Plan." == Release == After being beta tested in Ireland in October 2019, it was released as a beta across the United Kingdom on February 11, 2020. It was later released in Sweden, Denmark, Australia, New Zealand, Mexico, Argentina, and Brazil. On March 31, 2021, it was made available in France, Canada, and the United States.
Colour banding
Colour banding is a subtle form of posterisation in digital images, caused by the colour of each pixel being rounded to the nearest of the digital colour levels. While posterisation is often done for artistic effect, colour banding is an undesired artefact. In 24-bit colour modes, 8 bits per channel is usually considered sufficient to render images in Rec. 709 or sRGB. However the eye can see the difference between the colour levels, especially when there is a sharp border between two large areas of adjacent colour levels. This will happen with gradual gradients (like sunsets, dawns or clear blue skies), and also when blurring an image a large amount. Colour banding is more noticeable with fewer bits per pixel (BPP) at 16–256 colours (4–8 BPP), where there are fewer shades with a larger difference between them. The appearance of colour banding is exaggerated by the Mach bands effect. Possible solutions include the introduction of dithering and increasing the number of bits per colour channel. Because the banding comes from limitations in the presentation of the image, blurring the image does not fix this unless the image BPP is higher than the original.
Crackme
A crackme is a small computer program designed to test a programmer's reverse engineering skills. Crackmes are made as a legal way to crack software, since no intellectual property is being infringed. == Description == Crackmes often incorporate protection schemes and algorithms similar to those used in proprietary software. However, they can sometimes be more challenging because they may use advanced packing or protection techniques, making the underlying algorithm harder to analyze and modify. == Keygenme == A keygenme is specifically designed for the reverser to not only identify the protection algorithm used in the application but also create a small key generator (keygen) in the programming language of their choice. Most keygenmes, when properly manipulated, can be made self-keygenning. For example, during validation, they might generate the correct key internally and compare it to the user's input. This allows the key generation algorithm to be easily replicated. Anti-debugging and anti-disassembly routines are often used to confuse debuggers or render disassembly output useless. Code obfuscation is also used to further complicate reverse engineering.
Smartphone kill switch
A smartphone kill switch is a software-based security feature that allows a smartphone's owner to remotely render it inoperable if it is lost or stolen, thereby deterring theft. There have been a number of initiatives to legally require kill switches on smartphones. Smartphones have high resale value, and are therefore often the target of theft, with thieves selling them to cartels for resale. A kill switch can deter theft by making devices worthless. == Legal requirements == In the United States, Minnesota was the first state to pass a bill requiring smartphones to have such a feature, and California was the first to require that the feature be turned on by default. The California law requires the kill switch to be resistant to reinstallation of the phone's operating system. The CTIA initially resisted the legislation, fearing that it would make phones easier to hack, but later supported kill switches. There is evidence that this legislation has been effective, with smartphone theft declining by 50% between 2013 and 2017 in San Francisco. Secure Our Smartphones (S.O.S.), a New York State and San Francisco initiative started by New York State Attorney General Eric Schneiderman and San Francisco District Attorney George Gascón. The initiative is co-chaired by Schneiderman, Gascón and Boris Johnson, and has 105 members. == Examples == An Android phone signed into a Google account can be remotely locked and erased via Google's Find My Device service, as long as it is connected to the Internet. To prevent this, a thief must sign the device out of Google before the owner locks or erases it. iPhones have a similar service.