Computer security software

An IT tool used working with boot code of a device. Bootloaders allows for commands (often hidden in the hacking context) to be input into the device after the next reboot. Popular options include announcing the location of the device when it connects to a network, adjusting the processing of the device so that the default device attributes are the choice of the hacker, annoying the owner of the device, and making a record of every action on the device. These programs allows for a variety of tasks to be set up in the boot record rather than just destroying the functionality of the device.

Browser and search engine combos reduce the time for relevant information searches on most web hosts by exploring the data structure of the host, building some form of hierarchical information representation, and then allowing for rapid retrieval of information from specific leaf nodes. From a 2020 computing perspective, this exploration is usually performed much prior to the interaction with an endpoint user, and often involves significant corporate expenditures for data centers[1] with extended costs[2] devoted to building and maintaining the hierarchical representation of the semantic web. A physical comparison to the challenge these systems face could be made to a blind and deaf person starting from a random position on Earth and attempting to find a specific piece of paper without knowing the searcher's location or the target's location and then solving for a minimal distance path to the desired object while providing relevant navigation information along the route.

Sold to general users with the purpose of configuring their systems and guiding them through the setup process, these systems have applications towards hacking from the perspective of hot swapping and configuration templates. When run, a configuration for the user's operating system or hardware is chosen other than its current state from among a selection of alternate configurations stored in the Configurator. Rather than switching only a few programs or settings, a user may switch to the full configuration stored in the program, even if it means the Configurator stops running at that point. Usually, the configuration stored in this program doesn't change when used, with the intent that a user can switch back and forth between multiple configuration as necessary. In a hacking context, this process is then useful for hot swapping a system configuration in response to challenges encountered while attempting to interact with a target system. From a traditional computing perspective, this could be compared to booting into a completely different operating system while still using the same hardware.

These programs make editing easier with a smart interface that learn a user's style and can even give suggestions based on their prior activity. Traditionally attached to the idea of software or text editing, these programs approach the physical with the advent of fully programmable hardware architectures like general purpose graphical processing units and field programmable gate arrays.

Similar to a browser or search engine, these programs differ in that they support search actions when looking for specific data on a specific host that contains that data. When loaded, these programs tailor the search algorithms to match the specific iconography of the host, increasing the probability of finding relevant results with the targeted search data. Physical world comparison can be made to the difference between attempting to find a specific town on a map versus attempting to find a USB key lost in a landfill. From a biological systems perspective, this can also be compared to the concept of structural alignment which attempts to establish homology between two or more polymer structures based on their shape and three-dimensional conformation to aid in comparison and classification.

Shredders are designed to assist in erasing files and all their redundant back-up options that might be around inside a computer system. A shredder functions by entering a large amount of random junk data into designated files, overwriting them repeatedly to help deter attempts at recovering them. From the perspective of 2020 software patterns this erasure process usually either utilizes the Gutmann method[3] of destroying data (often built from the CBL Data Shredder) or the ATA Secure Erase standard. Recovering a file that has been Shredded (or destroyed by a Logic Bomb, for that matter) requires access to the host the file was on originally, often with need for prior knowledge of the files contents, which explains why offline back-ups are quite popular.

Programs that support removing unnecessary memory allocation, detecting illicit system memory use, testing memory functionality within a system, or optimizing the system cache-management. Can become necessary in cases where the hacker's system may have a borderline amount of memory for the task being attempted or when processing large volumes of data rapidly and the speed of the operations is being inhibited by inefficient memory use. From a common Windows user's perspective, opening task manager and culling unnecessary operations represents a very basic form of this type of interaction, with some of the most valuable traits being the ability to view memory use, set process priorities, start and stop services, and forcibly terminate processes.

This program creates a virtual memory space on a user's disk. Virtual machines have traditionally been used to emulate specific hardware or architectures where the programs and environment are specifically tailored to a particular manufacture's walled garden, such as in the case of the Apple ecosystem and programs like Xcode. However, with the advent of cloud computing, virtual machines have moved into a realm where they are used to emulate multiple different architectures simultaneously on a single machine, often for the business needs of multiple endpoint users, while simultaneously providing the protection of a sandbox environment.

The primary purpose of these types of systems is to restrict and often to completely prevent access to computers or data except to a very limited set of users. The theory is often that if a key, credential, or token is unavailable then access should be impossible. A physical comparison is often made to a fortress, armor, or jamming. A shell that even if abandoned would still present a significant challenge for computer access. This often involves taking valuable information and then either reducing it to apparent noise or hiding it within another source of information in such a way that it is unrecoverable.

• Cryptography and Encryption software
• Steganography and Steganography tools

The purpose of these types of systems is usually to restrict access to computers or data while still allowing interaction. Often this involves monitoring or checking credential, separating systems from access and view based on importance, and quarantining or isolating perceived dangers. A physical comparison is often made to a shield. A form of protection whose use is heavily dependent on the system owners preferences and perceived threats. Large numbers of users may be allowed relatively low-level access with limited security checks, yet significant opposition will then be applied toward users attempting to move toward critical areas.

• Access control
• Firewall
• Sandbox

The purpose of these types of software systems is to monitor access to computers systems and data while reporting or logging the behavior. Often this is composed of large quantities of low priority data records / logs, coupled with high priority notices for unusual or suspicious behavior. A physical comparison to eyes, goggles, scanning, or spying is often made. Observing user's behavior, often with the secondary goal of remaining hidden themselves.

• Diagnostic program
• Intrusion detection system (IDS)
• Intrusion prevention system (IPS)
• Log management software
• Records Management
• Security information management
• Security event management
• SIEM

The purpose of these types of software is to remove malicious or harmful forms of software that may compromise the security of a computer system. These types of software are often closely linked with software for computer regulation and monitoring. A physical comparison to a doctor, scrubbing, or cleaning ideas is often made, usually with an "anti-" style naming scheme related to a particular threat type. Threats and unusual behavior are identified by a system such as a firewall or an intrusion detection system, and then the following types of software are used to remove them. These types of software often require extensive research into their potential foes to achieve complete success, similar to the way that complete eradication of bacteria or viral threats does in the physical world. Occasionally this also represents defeating an attackers encryption, such as in the case of data tracing, or hardened threat removal.

• Anti-keyloggers
• Anti-malware
• Anti-spyware
• Anti-subversion software
• Anti-tamper software
• Antivirus software
• Cryptanalysis

Agents are autonomous computer programs built with varying levels of artificial intelligence that have some capability in general categories of computer use, hacking, and cyberwarfare. Agents perform actions within or across computer systems toward the goals of their users and are often given their own names, personalities, functions, and styles. An example of such a system used for non-hacking purposes is the Wikipedia 1.0 bot (notably a "user" from the perspective of Wikipedia) that performs data collection and processing on the categories of Wikipedia, while an example used expressly for cyberwarfare purposes is the Stuxnet worm developed jointly by the United States and Israel specifically to target the programmable logic controllers (PLCs) operating machinery and processes for gas centrifuge separation of nuclear material.

Utility apps in this context are programs that enhance a user's experience in traditional display devices, augmented reality (AR), or virtual reality (VR); with a few options for support programs. Often referred to outside the context of hacking specifically, yet potential for hacking uses depend on the way that they modify the experience, as they may provide the equivalent of enhancements directed towards hacking and subversion goals.

An ongoing self-evaluation system that monitors all the devices in a user's personal area network (PAN), giving constant vital statistics on their behavior. Popular with computer-literate and interested users who enjoy trying to squeeze every last bit of usefulness out of devices, they are also popular in keeping people aware of attacks against, and infections within, the computational devices that represent their PAN.

Typically casual games that are displayed in some form of computer environment, allowing a user to enjoy them as a pastime while also still somewhat paying attention to reality. The number on the market is huge, with some older games being modified to run on modern hardware. Significant potential exists for games used in hacking that specifically "gamify" the hacking experience or translate the hacking experience into game terms, providing objectives, metrics of performance, and translations of the experience. An extremely simplistic variation on this concept is Wikiracing, a game where users attempt to traverse the links of Wikipedia as rapidly as possible, yet at the same time gain significant knowledge about the topology of Wikipedia and concepts like Six Degrees of Separation. Notably, this idea can also extend to the environment surrounding hacking, such as cultures like DEF CON and Pwn2Own that have gamified the activity of hacking itself in an annual or multiannual competition related to hacking specific targets for fun and prizes.

Apps that monitor and support all other social networks that a person might use, incorporating them into a web of information. Possibly generating a relevance or impact score that is a piece of status in virtual social groups. Can have hacking relevance, as the worth of many network systems is based on the geometric complexity of the contributing nodes using relationships like Metcalfe's law. The social network itself my either be performing the hack or contributing to the hack, and in some cases may be the target or the recipient of the desired result of the hack. An example of this type of interaction from the 2020 perspective is the behavior of the Anonymous hacktivist collective known for its cyber attacks against governments, government agencies, corporations, and the Church of Scientology.

These programs use algorithms either stolen from, or provided by, the police and military internet observation organizations to provide the equivalent of a police Radio scanner. Most of these systems are born out of mass surveillance concepts for internet traffic, cell phone communication, and physical systems like CCTV. In a global perspective they are related to the fields of SIGINT and ELINT and approach GEOINT in the global information monitoring perspective. Sources for such information and the organizations that provide them, in the year 2020, within their particular jurisdictions, include (although may not be exclusive to):

• NSA with BOUNDLESSINFORMANT/BULLRUN/MAINWAY/MYSTIC/PRISM (United States)
• Spetssvyaz/FSO/FSB with SORM (Russian NSA equivalents from FAPSI)
• 3PLA(SIGINT)/4PLA (ELINT)/MPS/MSS (China)
• Unit 8200/Aman (Israel)
• VAJA (Iran)
• FROSTING with TRANSIENT and ECHELON (Five Eyes (FVEY))
• SatCen/INTCEN/EEAS with SIS and SIRENE[4] (European Union)
• GCHQ with MTI (United Kingdom)
• ASD (Australia)
• BfV (Germany)
• DGSE (France)
• MIVD (Netherlands)
• CSE (Canada
• TERM/NIA using CMS (India)
• FIS/PSTS with Onyx (Switzerland)
• FRA with TTD (Sweden)

Note that several instant messaging programs such as ICQ (founded by "former" members of Unit 8200), or WeChat and QQ (rumored 3PLA/4PLA connections[5][6]) may represent extensions of these observation apparati.

An algorithm that constantly monitors the owner of the PAN in all their interactions with devices. Taking this data, it attempts to determine the emotional state of the person and generates a playlist of songs to better support said user, either enhancing the feelings or dampening them. Essentially the similar to a musical mood ring. Has significant potential for hacking if the themes are then synced to either the owner or the network being interacted with. A basic example being that if security within a targeted system appears to have been notified (such as through increased lag or line noise) then battle music begins to transition into the theme.

A series of operating system apps that provide an information feed from a specified source, the vast majority being legitimate, such as stock markets and news organizations. Some services also use these apps to give details on other users, admins, sysops, systems, police or military responses, and current payment rates for a variety of services and bribes. In the current world of 2020, there are a great many topics that generate enough traffic to merit an information feed. For example, a hacker could subscribe to a feed with up-to-the-minute news about market movement if the hacker's goal was a system related to stock market manipulation.

Within this section, several terms mostly referenced in science fiction writing are used, as they represent the only words currently available to describe these ideas. Anime such as Ghost in the Shell, novels like Neuromancer, movies like the Matrix trilogy, and roleplaying games such as Shadowrun were earlier adopters of these concepts. The very idea of "the Matrix", coined by the novel Neuromancer in 1984, became the concept of a simsense environment where a user could live in computation like they did in the physical,[9] and the term ICE became connected with the idea of automated internet security systems with advanced AI foundations. Many of the terms referenced below are also borrowed from Shadowrun, as the creators and writers were categorizing, naming, and evaluating game mechanics for these terms in the 1980s. Some terms, such as Shadowrun's "data bomb" have been transformed into logic bomb with newer media, yet many of the terms are still the primary word, like Shredders and Configurators.[10][11][12][13][14]

The concept that within a sufficiently advanced computational environment, users will be shown or represented by some form of iconic image or alias that refers to their real-life equivalent. This type of behavior is already visible in the year 2020, in the form of internet message boards, gamer tags, or the three dimensional models they use to interact with a game environment. With sufficient immersion, or advanced environment, this distinction between the digital and "real-life" breaks down, as the user may spend a greater percentage of their time in digital space, than they do interacting with their physical body.

The ability for a user to interact with a computational environment or a piece of computational hardware in a way that approaches the physical interaction they have with their day-to-day environment. To explore an internet host environment is to simply walk through a city, with all of the pedestrians, buildings, and automobiles representing some form of sensory translation experience. This experience usually requires some sort of module or add-on to traditional user interfaces that translate the experience into physical terms. Many times, this completely removes the user from the physical environment they used to experience - effectively paralyzing them.

Augmented reality systems represent a bridge between these ideas, where the computational environment of the internet is overlaid atop the normal physical world they experience. Games like Pokemon Go approach this concept, where user's move through the physical world attempting to capture digital monsters that only exist on the internet.

The effect of computational destruction being translated into some form of physical experience for the user of a computer system. Often this implies that the users physical body is either stunned or wounded, causing the experience of bleeding, blinding, deafening, or pain in response to events occurring within a computer host they are interacting with. Although this might seem risky, the perceived reward is usually either greater resolution or responsiveness within the computational environment. This behavior is already being observed in 2020, with moves towards totally immersive goggles like the Oculus. However, even these limited goggles could then expose a user to damage from input signals purposely designed to overload their visual perception, causing physical damage to their eyes or ears.

• see Intrusion Countermeasures Electronics

Noted above, the concept of a simsense environment where a user could live in computation like they did in the physical. Connected with the following quote from Neuromancer:

The matrix has its roots in primitive arcade games. … Cyberspace. A consensual hallucination experienced daily by billions of legitimate operators, in every nation, by children being taught mathematical concepts. … A graphic representation of data abstracted from banks of every computer in the human system. Unthinkable complexity. Lines of light ranged in the nonspace of the mind, clusters and constellations of data. Like city lights, receding.[15]

These types of programs work with a user's firmware as a secondary firewall, providing additional protection for valuable or sensitive regions of the operating system, programs, or hardware. In the case of simsense environments, this protection then approaches its physical parallel, sheets of data that limit damaging interaction that might otherwise harm a user's physical form.

When taking part in any form of computational conflict, this program laces all of the offensive actions a user takes with dangerous biofeedback signals. This program only works if the target is experiencing some form of physical simsense, and has limited effect on users perceiving the internet environment using traditional displays or low resolution AR. When a user's actions cause computational damage, the target is also physically stunned if the target is only using a form of low resolution AR, or physically wounded if the target has somehow directly linked their body to the internet (like the Matrix movies). This program also applies to damage caused by failed attack actions against a target.

This program is similar to a firewall for a user's physical simsense module, giving the user an improved modifier to resist biofeedback damage.

This is a kinder, gentler version of physical biofeedback. Similar to how police and law enforcement have shifted from using pistols to tasers in most encounters, this program causes stun damage, even if the target is using physical simsense.

A low-offensive attack program that distracts the user instead of damaging the device they are using. Cat's Paw is useful to prevent a user from performing actions while not bricking the device they may be using. This program fills the interaction experience with annoying errors, such as spam pop-ups and pop-unders, or other distracting garbage. On a successful offensive interaction with the system, instead of doing damage, the program generates a negative modifier to further interaction with the system.

This program uses legacy code from previous incarnations of the internet to place data exclusively within physical media. In addition to saving a file, it allows the user to successfully remove a file from the memory of a single designated cloud computing environment. Attempting to remove these files is opposed by the depth and breadth of the cloud based systems they were originally stored on, with larger systems increasing the challenge. Attempting to remove a single image file from a small host would represent a minor challenge, while attempting to remove the idea of Neuromancer itself would represent a significant difficulty.

One thing hackers have learned about internet protocols is that the ability to force devices to reboot can be very beneficial. When running, it attempts to fill a targeted device with an exceptional amount of reboot-worthy errors, adding to the probability that hardware running this program will be able to cause a reboot on the target system.

Similar to the protective pads and clothing worn by demolition or bomb squads, this program creates predictive barriers between the user and a logic bomb, providing protection against its effects should it be prematurely detonated. Particular important in a simsense environment, where the translated effects of a logic bomb might result in life-threatening wounds for an internet user.

Demolition programs tend to be on the leading edge of logic bomb research, and are specifically purchased to improve the probability of success, and host damage caused, when a logic bomb is detonated. Similar to their physical world equivalents, most demolition programs are predicted to be heavily restricted to professional or military use, and often illegal in most host environments.

With delicate monitoring, this program is able to determine how often a file is accessed, and it sets a logic bomb to go off after it has been affected a set number of times. To use this program, a user must attempt set and arm a logic bomb; and if successful, they can then select how many actions can be executed with the file, or a specific time period, before the bomb goes off. They can also choose whether the logic bomb does computational damage to the surrounding host environment or just deletes the target file. Notoriously difficult to spot, detonator-enabled logic bombs are equivalent to a user that has already hidden within a host environment and takes no other actions beyond observing their surroundings.

Government and corporate security divisions tends to prevent long-term surveillance by unauthorized personnel. However, while this program is running, and the user is performing no actions other than observing their environment, the security observation of their actions only increases minimally. The program requires an attempt to hide their presence initially in order to activate properly, and it does not assist in any way in preventing any other persona from noticing the initial attempt to hide. It simply helps them remain hidden once they have successfully obfuscated themselves. Very similar to the physical equivalent of a tiny sentient drone that most creatures ignore without even considering its significance.

This program analyzes and scans a target for weaknesses in its Firewall, improving the operator's probability of success when attempting to stealthily interact with a computer system.

Similar to a Ticker, except with the addition of automatic appraising of data values. With constant updates from a reliable information source that specialize in monitoring data auctions, this program calculates how much a certain amount of data might be worth, in order to allow a user to perform an informed risk/reward calculation toward the amount of information they might obtain relative to heat they would generate from security or law enforcement.

A computer user can perform a single action on two targets with this program. They make a single action, with modifiers from each target affecting their probability of success. Each of the targets defend with their own attributes, firmware, and software. The result of the actions are determined separately against each target.

This program keeps an eye out for weaknesses the same way an attacker would, reducing damage taken from symbology applied to their icon representation.

A computer program specifically used for causing damage within the computer environment. Brute force destruction like breaking rocks on a prison chain gang. Similar to the old adage that "if all you have is a hammer, everything looks like a nail."

Due to the relativistic difference in the computational resources available to various Matrix environments, there are predicted to be grades and scales of fidelity, or danger, that could be compared to the dangers between the bunny hill on a ski slope, and the most treacherous black diamonds available. In particular, there might then be some special parts of computerized existence where an operator could take others with them, and where those companions most definitely would not want to be alone.

This program allows skilled computer and internet navigators to take others to hosts that might be significantly beyond their capabilities - with all the dangers that entails. If a skier drags their beginner friend to the top of a black diamond ski slope, there is a very real chance that the beginner might still break their arms and legs, whether the experienced user is with them or not.

This program is designed to trap users within the computational environment so that they are unable to disconnect themselves. A similar effect can be observed in scene of the first Matrix movie, where the symbolic analog of escape was perceived as a phone booth. After the land line was cut, escape was impossible. Whenever a hacker causes damage to a persona, the target is link-locked until the aggressor stops running this program or they successfully removed their connection to the computer environment.

Owinf to the competitive nature of games or hacking, and their aggressive culture that has turned abhorrent terms like rape and teabagging (NOT Safe For Work) into phrases that mean little more than winning a sporting competition, there is a very real desire to pull users down into a fight in the mud. In the most extreme examples, users hope to turn these phrases into the most disgusting and insulting ideas possible, translating their victory in a sport into sexual violation or murder. This program is designed to force a user to experience a physical simsense experience whether they desire to or not. Effectively circumventing their device's safety protocols, like overwriting the safety features on a Star Trek Holodeck, a user's hardware is maliciously upgraded to the point where they experience physical damage from computational interactions.

This program actively tracks all symbology applied to a users persona representation, increasing the damage from cumulative effects applied towards a single target. Similar to the physical representation of a mob attempting to pursue a single target.

Its the only way to be sure. Similar to its physical namesake, the differences between trying to hurt someone with a sword, or simply destroying the entire city they live in as a last resort. A hugely powerful file destruction program that requires frequent updates as adjustments in file recovery technology continue to progress. Almost always outright illegal program in every computational environment, it is designed to ensure that no one will ever be able to recover a file that it destroys - shredding the target, shredding the surrounding information, shredding the host it resides on, and often shredding all data traffic routes to the host. Brutal and decidedly unsubtle, grid observation and internet security are immediately alerted the world over - did anyone fail to notice Nagasaki being nuked? Offline back-ups are the only options for getting the file back.

Resprays and textures a persona's icon, assisting in erasing damage and tracking on a persona as it does so, ensuring the user is able to trust in the fact that their hardware is not being affected by outsiders.

This program uses a set of filtering algorithms to help resist both computational software destruction and physical biofeedback damage. This modifier stacks with similar modifiers from other programs.

Adds significant amounts of misleading location information in order to keep the user from being located in-real-life. This program increases the hardware's ability to obfuscate or hide itself, with an equivalent amount of noise added to any tests performed to try and use the hardware. The noise also affects trace route tests performed against the hardware running the program. This program has no effect against security convergence conditions, since if a user has attracted enough heat to alert any of the major security divisions, they are attempting hide while a crowd of users looks directly at them.

A secondary type of utility designed to protect a users physical form from detection by internet security. This utility bounces a user's internet traffic through unnecessary routes, defending the user against any trace route attempts and often leading to dead links or empty hosts. Additionally, even if a security division converges on a user while this program is running, they do not gain the user's physical location, although the user is still hit with all the other negative effects applied towards them. Modern day equivalents (circa 2020) are ideas like the Tor network or the Silk Road, internet paths specifically designed to obfuscate the sources of their users while preserving their interactions. However, similar to the experience with systems like Tor, this rerouting can lead to lag, signal degradation, and the anonymity network itself can become the source of reprisal.

Similar to its physical namesake, a program that attempts to hide the user and their hardware from opposing detection.

Just as modern day hackers (circa 2020) have seen the benefits of forcing other devices to reboot, they have seen a need to keep their devices safe from those efforts. This program adds redundant code to the OS of the users hardware and any connected devices in their personal area network, making it easier for the devices to resist crash attacks.

This program overlays simsense sensations on top of any offensive hacking action, hitting the target with a quick and disgusting sensation if even a small amount of damage is applied. The program is effective against all users with any form of biofeedback connection, but does nothing to users working without simsense connections such as AR or simple desktop applications. The program does no damage from the offensive action; instead, the targeted user experiences nausea due to the sensory input. Popular options this program uses to make targets feel queasy include the smell of a dirty diaper or the feeling of being punched in the junk.

An inaccurate combat program based on the tar-based ICE referenced within Shadowrun literature. This program improves the user and their hardware's probability of success towards offensive attempts to cause a program to crash, but its broader-based attack often affects a random program rather than a chosen one.

The Track program keeps an eye on a user's targets for them, making it easier to find their meat world equivalents, and improving their probability of success when making trace route tests with Track running. Alternately, if the target is running a Sneak variant, Track negates the bonus from that program.

This program overrides an internet host's protocols for icons. While this program is running, a user's icons can be anything they want them to be. From the lens of the internet, a user's Hammer program could look like a music file, a weapon icon could look like a credstick, and a user's persona could look like an automobile. Another persona can see what the disguised icon really is with an attempt to perceive the truth, yet they need to at least suspect enough to check.