User:Araesmojo/Computer Security Software

Computer security software or cybersecurity software is any computer program designed to influence information security. This is often taken in the context of defending computer systems or data, yet can incorporate programs designed specifically for subverting computer systems due to their significant overlap, and the adage that the best defense is a good offense.

The defense of computers against intrusion and unauthorized use of resources is called computer security. Similarly, the defense of computer networks is called network security.

The subversion of computers or their unauthorized use is referred to using the terms cyberwarfare, cybercrime, or security hacking (later shortened to hacking for further references in this article due to issues with hacker, hacker culture and differences in white/grey/black 'hat' color identification).

Common Programs or Utility Apps
Programs that are generalized enough they are commonly applied whether a user identifies themselves as white, grey, or black. Often referred to as utility applications, utility apps in this context are programs that enhance a user's experience in traditional display devices, augmented reality (AR), or virtual reality (VR); with a few options for support programs. Often referred to outside the context of hacking specifically, yet the potential for hacking uses depends on the way that they modify the experience, as they may provide the equivalent of enhancements directed towards hacking and subversion goals.

Bootloader
An IT tool used working with the boot code of a device. When most computers are turned on, they don't possess an operating system, or applications, and need to load a series of progressively greater complexity programs to enable their operation. When healthy, a bootloader simply loads the correct programs, and the computer functions normally. However, compromised bootloaders allow commands (often hidden in the hacking context) to be input into the device after the next reboot. Popular options include announcing the location of the device when it connects to a network, adjusting the processing of the device so that the default device attributes are the choice of the hacker, annoying the owner of the device, and making a record of every action on the device. These programs allow for a variety of tasks to be set up in the boot record rather than just destroying the functionality of the device.

Browser and Search Engines
Browser and search engine combos reduce the time for relevant information searches on most web hosts by exploring the data structure of the host, building some form of hierarchical information representation, and then allowing for rapid retrieval of information from specific leaf nodes. From a 2020 computing perspective, this exploration is usually performed much prior to the interaction with an endpoint user, and often involves significant corporate expenditures for data centers with extended costs devoted to building and maintaining the hierarchical representation of the semantic web. A physical comparison to the challenge these systems face could be made to a blind and deaf person starting from a random position on Earth and attempting to find a specific piece of paper without knowing the searcher's location or the target's location and then solving for a minimal distance path to the desired object while providing relevant navigation information along the route.

Configurator (Hot Swap)
Sold to general users with the purpose of configuring their systems and guiding them through the setup process, these systems have applications towards hacking from the perspective of hot swapping and configuration templates. When run, a configuration for the user's operating system or hardware is chosen other than its current state from among a selection of alternate configurations stored in the Configurator. Rather than switching only a few programs or settings, a user may switch to the full configuration stored in the program, even if it means the Configurator stops running at that point. Usually, the configuration stored in this program doesn't change when used, with the intent that a user can switch back and forth between multiple configuration as necessary. In a hacking context, this process is then useful for hot swapping a system configuration in response to challenges encountered while attempting to interact with a target system. From a traditional computing perspective, this could be compared to booting into a completely different operating system while still using the same hardware.

Diagnostics
An ongoing self-evaluation system that monitors all the devices in a user's personal area network (PAN), giving constant vital statistics on their behavior. Popular with computer-literate and interested users who enjoy trying to squeeze every last bit of usefulness out of devices, they are also popular in keeping people aware of attacks against, and infections within, the computational devices that represent their PAN.

Editor
These programs make editing easier with a smart interface that learn a user's style and can even give suggestions based on their prior activity. Traditionally attached to the idea of software or text editing, these programs approach the physical with the advent of fully programmable hardware architectures like general purpose graphical processing units and field programmable gate arrays.

Games
Typically casual games that are displayed in some form of computer environment, allowing a user to enjoy them as a pastime while also still somewhat paying attention to reality. The number on the market is huge, with some older games being modified to run on modern hardware. Significant potential exists for games used in hacking that specifically "gamify" the hacking experience or translate the hacking experience into game terms, providing objectives, metrics of performance, and translations of the experience. An extremely simplistic variation on this concept is Wikiracing, a game where users attempt to traverse the links of Wikipedia as rapidly as possible, yet at the same time gain significant knowledge about the topology of Wikipedia and concepts like Six Degrees of Separation. Notably, this idea can also extend to the environment surrounding hacking, such as cultures like DEF CON and Pwn2Own that have gamified the activity of hacking itself in an annual or multiannual competition related to hacking specific targets for fun and prizes.

Iconography Alignment
Similar to a browser or search engine, these programs differ in that they support search actions when looking for specific data on a specific host that contains that data. When loaded, these programs tailor the search algorithms to match the specific iconography of the host, increasing the probability of finding relevant results with the targeted search data. Physical world comparison can be made to the difference between attempting to find a specific town on a map versus attempting to find a USB key lost in a landfill. From a biological systems perspective, this can also be compared to the concept of structural alignment which attempts to establish homology between two or more polymer structures based on their shape and three-dimensional conformation to aid in comparison and classification.

Shredder
Shredders are designed to assist in erasing files and all their redundant back-up options that might be around inside a computer system. A shredder functions by entering a large amount of random junk data into designated files, overwriting them repeatedly to help deter attempts at recovering them. From the perspective of 2020 software patterns this erasure process usually either utilizes the Gutmann method of destroying data (often built from the CBL Data Shredder) or the ATA Secure Erase standard. Recovering a file that has been Shredded (or destroyed by a Logic Bomb, for that matter) requires access to the host the file was on originally, often with need for prior knowledge of the files contents, which explains why offline back-ups are quite popular.

Memory Management Utilities
Programs that support removing unnecessary memory allocation, detecting illicit system memory use, testing memory functionality within a system, or optimizing the system cache-management. Can become necessary in cases where the hacker's system may have a borderline amount of memory for the task being attempted or when processing large volumes of data rapidly and the speed of the operations is being inhibited by inefficient memory use. From a common Windows user's perspective, opening task manager and culling unnecessary operations represents a very basic form of this type of interaction, with some of the most valuable traits being the ability to view memory use, set process priorities, start and stop services, and forcibly terminate processes.

Social networking
Apps that monitor and support all other social networks that a person might use, incorporating them into a web of information. Possibly generating a relevance or impact score that is a piece of status in virtual social groups. Can have hacking relevance, as the worth of many network systems is based on the geometric complexity of the contributing nodes using relationships like Metcalfe's law. The social network itself my either be performing the hack or contributing to the hack, and in some cases may be the target or the recipient of the desired result of the hack. An example of this type of interaction from the 2020 perspective is the behavior of the Anonymous hacktivist collective known for its cyber attacks against governments, government agencies, corporations, and the Church of Scientology.

Software agent
Agents are autonomous computer programs built with varying levels of artificial intelligence that have some capability in general categories of computer use, hacking, and cyberwarfare. Agents perform actions within or across computer systems toward the goals of their users and are often given their own names, personalities, functions, and styles. An example of such a system used for non-hacking purposes is the Wikipedia 1.0 bot (notably a "user" from the perspective of Wikipedia) that performs data collection and processing on the categories of Wikipedia, while an example used expressly for cyberwarfare purposes is the Stuxnet worm developed jointly by the United States and Israel specifically to target the programmable logic controllers (PLCs) operating machinery and processes for gas centrifuge separation of nuclear material.
 * see also Bot
 * see also Botnet

Theme music
An algorithm that constantly monitors the owner of the PAN in all their interactions with devices. Taking this data, it attempts to determine the emotional state of the person and generates a playlist of songs to better support said user, either enhancing the feelings or dampening them. Essentially the similar to a musical mood ring. Has significant potential for hacking if the themes are then synced to either the owner or the network being interacted with. A basic example being that if security within a targeted system appears to have been notified (such as through increased lag or line noise) then battle music begins to transition into the theme.

Ticker
A series of operating system apps that provide an information feed from a specified source, the vast majority being legitimate, such as stock markets and news organizations. Some services also use these apps to give details on other users, admins, sysops, systems, police or military responses, and current payment rates for a variety of services and bribes. In the current world of 2020, there are a great many topics that generate enough traffic to merit an information feed. For example, a hacker could subscribe to a feed with up-to-the-minute news about market movement if the hacker's goal was a system related to stock market manipulation.

Virtual Machine
This program creates a virtual memory space on a user's disk. Virtual machines have traditionally been used to emulate specific hardware or architectures where the programs and environment are specifically tailored to a particular manufacture's walled garden, such as in the case of the Apple ecosystem and programs like Xcode. However, with the advent of cloud computing, virtual machines have moved into a realm where they are used to emulate multiple different architectures simultaneously on a single machine, often for the business needs of multiple endpoint users, while simultaneously providing the protection of a sandbox environment.

Types of Software to Secure Computers or Data
Below follow a series of software patterns and groups from the perspective of a host system interacting with users and attempting to secure itself or its assets against their interactions.

Prevent Access
The primary purpose of these types of systems is to restrict and often to completely prevent access to computers or data except to a very limited set of users. The theory is often that if a key, credential, or token is unavailable then access should be impossible. A physical comparison is often made to a fortress, armor, or jamming. A shell that even if abandoned would still present a significant challenge for computer access. This often involves taking valuable information and then either reducing it to apparent noise or hiding it within another source of information in such a way that it is unrecoverable.
 * Cryptography and Encryption software
 * Steganography and Steganography tools

Isolate / Regulate Access
The purpose of these types of systems is usually to restrict access to computers or data while still allowing interaction. Often this involves monitoring or checking credential, separating systems from access and view based on importance, and quarantining or isolating perceived dangers. A physical comparison is often made to a shield. A form of protection whose use is heavily dependent on the system owners preferences and perceived threats. Large numbers of users may be allowed relatively low-level access with limited security checks, yet significant opposition will then be applied toward users attempting to move toward critical areas.
 * Access control
 * Firewall
 * Sandbox

Monitor Access
The purpose of these types of software systems is to monitor access to computers systems and data while reporting or logging the behavior. Often this is composed of large quantities of low priority data records / logs, coupled with high priority notices for unusual or suspicious behavior. A physical comparison to eyes, goggles, scanning, or spying is often made. Observing user's behavior, often with the secondary goal of remaining hidden themselves.
 * Diagnostic program
 * Intrusion detection system (IDS)
 * Intrusion prevention system (IPS)
 * Log management software
 * Records Management
 * Security information management
 * Security event management
 * SIEM

Surveillance monitor
These programs use algorithms either stolen from, or provided by, the police and military internet observation organizations to provide the equivalent of a police Radio scanner. Most of these systems are born out of mass surveillance concepts for internet traffic, cell phone communication, and physical systems like CCTV. In a global perspective they are related to the fields of SIGINT and ELINT and approach GEOINT in the global information monitoring perspective. Sources for such information and the organizations that provide them, in the year 2020, within their particular jurisdictions, include (although may not be exclusive to): Note that several instant messaging programs such as ICQ (founded by "former" members of Unit 8200), or WeChat and QQ (rumored 3PLA/4PLA connections ) may represent extensions of these observation apparati.
 * NSA with BOUNDLESSINFORMANT/BULLRUN/MAINWAY/MYSTIC/PRISM (United States)
 * Spetssvyaz/FSO/FSB with SORM (Russian NSA equivalents from FAPSI)
 * 3PLA(SIGINT)/4PLA (ELINT)/MPS/MSS (China)
 * Unit 8200/Aman (Israel)
 * VAJA (Iran)
 * FROSTING with TRANSIENT and ECHELON (Five Eyes (FVEY))
 * SatCen/INTCEN/EEAS with SIS and SIRENE (European Union)
 * GCHQ with MTI (United Kingdom)
 * ASD (Australia)
 * BfV (Germany)
 * DGSE (France)
 * MIVD (Netherlands)
 * CSE (Canada)
 * TERM/NIA using CMS (India)
 * ISI/FIA/JSIB with NADRA (Pakistan)
 * FIS/PSTS with Onyx (Switzerland)
 * FRA with TTD (Sweden)

Remove Programs or Malicious Code
The purpose of these types of software is to remove malicious or harmful forms of software that may compromise the security of a computer system. These types of software are often closely linked with software for computer regulation and monitoring. A physical comparison to a doctor, scrubbing, or cleaning ideas is often made, usually with an "anti-" style naming scheme related to a particular threat type. Threats and unusual behavior are identified by a system such as a firewall or an intrusion detection system, and then the following types of software are used to remove them. These types of software often require extensive research into their potential foes to achieve complete success, similar to the way that complete eradication of bacteria or viral threats does in the physical world. Occasionally this also represents defeating an attackers encryption, such as in the case of data tracing, or hardened threat removal.
 * Anti-keyloggers
 * Anti-malware
 * Anti-spyware
 * Anti-subversion software
 * Anti-tamper software
 * Antivirus software
 * Cryptanalysis

Types of Software to Subvert Computers or Data
Similar to systems used to secure systems, below are a series of software patterns and groups from the perspective of users attempting to subvert, invade, or infect computer systems. Many of these ideas where theorized as early as the 1960s and 1970s in the fields of cyberpunk literature with magazines like New Worlds and solidified in the 1980s with novels like Neuromancer. Note that most of these types of program also have applications in securing systems and countering hacking, yet are primarily known in the fields of hacking, espionage, and computer subversion. Because of their similarity to securing computers, these ideas fall into similar categories.

Bot
copied from main wikipedia article (with slight modification) on 3/19/2021 for ease of reference

An Internet bot, web robot, robot or simply bot, is a software application that runs automated tasks (scripts) over the Internet. Not necessarily malicious, bots perform tasks that are simple and repetitive, much faster than a person could. The most extensive use of bots is for web crawling, in which an automated script fetches, analyzes and files information from web servers. More than half of all web traffic is generated by bots.

Botnet
A collection of programs or software agents operating over a collection of computers and internet addresses. Behaving like a swarm or collective, these groups often route information through each other, perform coordinated actions with each other, or redundantly store information throughout the group. Often viewing as being controlled through command and control software. However, botnets can be created in a "fire and forget" structure, where an infectious program is released into the wild, replicates itself, and then operates autonomously based on its guiding parameters. Can be composed of bots, virii, worms, or trojan horse software or a combination of the types.

Virus
copied from main wikipedia article on 3/19/2021 for ease of reference

A computer virus is a type of computer program that, when executed, replicates itself by modifying other computer programs and inserting its own code. If this replication succeeds, the affected areas are then said to be "infected" with a computer virus.

Computer viruses generally require a host program. The virus writes its own code into the host program. When the program runs, the written virus program is executed first, causing infection.

Worm
copied from main wikipedia article on 3/19/2021 for ease of reference

A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. It often uses a computer network to spread itself, relying on security failures on the target computer to access it.

Trojan Horse
A software program that disguises its actual purpose, often with malicious intent. Usually downloaded while imitating legitimate software, a trojan horse may then immediately execute and transform into a different type of software, or imitate the legitimate software while covertly running secondary programs.

Perspective on "Malicious"
Although viruses and worms are often created maliciously, both could theoretically simply evolve from ideas like software bugs that cause a program to begin replicating and spreading, without any initial intended malicious behavior. Much like their organic counterparts, a tapeworm isn't necessarily "malicious", simply another organism growing in its natural environment. Yet from the perspective an animal's digestive tract, this might be interpreted as aggressive or invasive behavior. Several types of worms and virii in the organic environment have evolved to be symbiotic with their hosts, and similar situations may be possible in the digital environment.

Isolate or Modify Access
The purpose of these programs from an attack perspective is to isolate or control access to a system while still allowing the normal users to operate the system. This may imply that the normal users are completely unaware of the issue, or that the normal users experience a degradation of their user experience without an obvious cause until the malicious software is found. In larger internet context, this may also involve isolating a computer from interaction with the wider internet, possibly without their notice, or installing software that might allow for the possibility for future control of the user's system without immediately taking control. A physical world comparison is copying the keys to an owner's house without their knowledge. Vandalism and intimidation could happen in the future, yet don't necessarily happen immediately.
 * Access Controller or Modifier (Selectively change user access to system or network resources)
 * Automated Downloader
 * Communication Modifier or "man-in-the-middle"
 * Email or Text Msg Spoofing (Modify for falsely represent a persons written communication)
 * Hardware Backdoor
 * Software Backdoor
 * Rootkit (sometimes referred to as Bootkit)
 * Website or Browser Redirection

Monitor Access
The purpose of these programs is simply to monitor a user's interactions with a computer system. Often there is little or no degradation of the user experience, as obvious degradation would give away the monitoring. Stealth tends to be a priority as information gathering is preferable to short-term benefit. A physical world comparison would be a deep-cover spy that might exist as part of a society for decades, going to work in factory, earning promotions with increased trust or responsibility, all with the purpose of silently gathering and reporting information.
 * Activity Monitor (Track lifestyle, interaction patterns, and times of use)
 * Data Scraper
 * Duplicator (Copy the structure, sequence and organization of a system to falsely represent that system)
 * Eavesdropper
 * Exit Node Logger (Find a users internet location on a secret network)
 * Keylogger
 * Locator (Find a user's physical location - https://geotraceroute.com/)
 * Path Tracer (Find internet route to a user's computer after randomized infection)
 * Sniffer
 * Snooper

Prevent Access
These programs are designed to stop normal users from interacting with their systems, often permanently. The stuxnet worm was a program within this category, designed to find specific computer systems related to nuclear refining, and destroy those systems. In hacking culture, this behavior is often referred to as "bricking" a target's computer system.
 * Bricker
 * Fork Bomb
 * Logic Bomb
 * Time Bomb

Warez
Programs usually designed for an economic benefit to the attacker, which install an application, often hidden, on the targets hardware. These programs then usually either provide information (such as unwanted ads), restrict information in a form of blackmail, or record information that can later be sold or used to find further vulnerabilities. The unifying theme, however, tends to be the economic motivation with some type of implied payout from the activity. This can be contrasted to other types of programs that might have social, military, or nationalistic motivations with no perceivable economic motivation. Physical world comparisons are challenging, yet might include aggressive advertising billboard placement, loudspeakers blaring out propaganda, thieves stealing objects and demanding payment, or kidnappers stealing family or friends and demanding payment.
 * Adware
 * Browser "Helper" Objects (Often the opposite of "helpful")
 * Crimeware (Usually because of a connection to a specific crime or organization)
 * Cryptojacking Malware (Subvert computer to mine bitcoins)
 * Malware
 * Ransomware
 * Scareware
 * Spyware

Software run on computers to secure other systems
These types of software are programs run on computers that are primarily intended to secure systems other than themselves. This is usually achieved by providing interactions with physical world systems or by evaluating data that may not be "directly" related to computer security.
 * Computer Aided Dispatch (CAD)
 * Fraud Detection

Futuristic security concepts
Most of the remaining concepts here represent futuristic concepts that are moving into the realm of mainstream culture, yet won't reach real fruition until completely immersive computing environments are a reality where ideas like simsense and biofeedback have significant applications. These ideas are included to warn about the potential for physical damage such as using the computational equivalent of flashbangs to damage eyesight or causing extreme audio spikes to damage hearing.

Considering these ideas from a 2020 internet perspective, concepts like logic bombs were the purview of science fiction writers in the 1980s, yet by 1996 they were already being used in attempts to cripple securities trading at firms like Deutsche Morgan Grenfell with complex releases involving the below referenced timed Detonator. A quote from Bill Gates 1989 is often referenced in this regard, "That is, a move from 64 K to 640 K felt like something that would last a great deal of time. Well, it didn't - it took about only 6 years before people started to see that as a real problem."

New terminology
Within this section, several terms mostly referenced in science fiction writing are used, as they represent the only words currently available to describe these ideas. Anime such as Ghost in the Shell, novels like Neuromancer, movies like the Matrix trilogy, and roleplaying games such as Shadowrun were earlier adopters of these concepts. The very idea of "the Matrix", coined by the novel Neuromancer in 1984, became the concept of a simsense environment where a user could live in computation like they did in the physical, and the term ICE became connected with the idea of automated internet security systems with advanced AI foundations. Many of the terms referenced below are also borrowed from Shadowrun, as the creators and writers were categorizing, naming, and evaluating game mechanics for these terms in the 1980s. Some terms, such as Shadowrun's "data bomb" have been transformed into logic bomb with newer media, yet many of the terms are still the primary word, like Shredders and Configurators.

Persona or avatar
The concept that within a sufficiently advanced computational environment, users will be shown or represented by some form of iconic image or alias that refers to their real-life equivalent. This type of behavior is already visible in the year 2020, in the form of internet message boards, gamer tags, or the three dimensional models they use to interact with a game environment. With sufficient immersion, or advanced environment, this distinction between the digital and "real-life" breaks down, as the user may spend a greater percentage of their time in digital space, than they do interacting with their physical body.

Simsense
The ability for a user to interact with a computational environment or a piece of computational hardware in a way that approaches the physical interaction they have with their day-to-day environment. To explore an internet host environment is to simply walk through a city, with all of the pedestrians, buildings, and automobiles representing some form of sensory translation experience.

The experience of interacting with the digital environment is then translated into digital actions. To physically fight in the digital is to enact the equivalent of cyberwarfare or computer intrusion. To invade a secured facility could be compromising a secured server. Security features or programs might instead look like fences, guard animals, or observational cameras. Physical activities and objects are simply provided translations of their effects in the digital.

A modern, 2020 example would be the delivery of letters to addresses. In a highly simsense based environment, a character might simply place an envelope in a delivery location. The letter is collected by a worker, travels through sorting and collection facilities, and if successful, arrives at its marked destination. In the digital, this would be similar to writing an email, which is then sent to a router, transmitted across a series of information paths through other routers, and if successful, arrives at its destination computer terminal.

This experience usually requires some sort of module or add-on to traditional user interfaces that translate the experience into physical terms. Many times, this completely removes the user from the physical environment they used to experience - effectively paralyzing them.

Augmented reality systems represent a bridge between these ideas, where the computational environment of the internet is overlaid atop the normal physical world they experience. Games like Pokemon Go approach this concept, where user's move through the physical world attempting to capture digital monsters that only exist on the internet.

Biofeedback
The effect of computational destruction being translated into some form of physical experience for the user of a computer system. Often this implies that the users physical body is either stunned or wounded, causing the experience of bleeding, blinding, deafening, or pain in response to events occurring within a computer host they are interacting with. Although this might seem risky, the perceived reward is usually either greater resolution or responsiveness within the computational environment. This behavior is already being observed in 2020, with moves towards totally immersive goggles like the Oculus. However, even these limited goggles could then expose a user to damage from input signals purposely designed to overload their visual perception, causing physical damage to their eyes or ears.

If a character wears goggles or has eyes that view the digital, then those vision systems can be subverted to harm the user with effects that are more extreme than a normal desktop, laptop, or cell phone user. False information can be shown, annoying or uncomfortable information (such as nausea or epilepsy inducing imagery) can be shown, and directly harmful information (such as blinding or stunning imagery) can be shown.

If a character wears headphones, earpieces, or has ears that hear the digital, then similar attacks are possible. False sounds, annoying sounds, or directly damaging sounds. The level of vulnerability often related to how easy it is to remove the connection. Compromised headphones might simply be thrown away, yet cybernetic ears would be extremely difficult to remove.

ICE

 * see Intrusion Countermeasures Electronics

Matrix
Noted above, the concept of a simsense environment where a user could live in computation like they did in the physical. Connected with the following quote from Neuromancer:

Armor
These types of programs work with a user's firmware as a secondary firewall, providing additional protection for valuable or sensitive regions of the operating system, programs, or hardware. In the case of simsense environments, this protection then approaches its physical parallel, sheets of data that limit damaging interaction that might otherwise harm a user's physical form. Because simsense translates the digital interaction into a physical expression, such ideas might appear like a bullet proof vest, heavy scales, or plate mail in the digital realm. Yet their digital expression might be equivalent to strong crytography that's difficult to subvert.

Biofeedback Program
When taking part in any form of computational conflict, this program laces all of the offensive actions a user takes with dangerous biofeedback signals. This program only works if the target has the possibility to experience some form of physical simsense, and has limited effect on users perceiving the internet environment using traditional displays or low resolution AR. When a user's actions cause computational damage, the target might be physically stunned if the target was only using a form of low resolution AR, yet physically wounded if the target has somehow directly linked their body to the internet (like the Matrix movies).

If a character plays a game like Counterstrike or PUBG with a low amount of simsense, the experience is distant and limited, yet also less risky. It might be better than a desktop experience, because "you're actually there", yet still not have the risk of fighting with real bullets. A character shoots another character, and its only a line item on a text feed and a wait to respawn. Yet for a character deeply immersed in simsense, playing such a game would involve actually having bullets rip through their flesh and bones, with all the discomfort, wounding, and long term effects that might cause. A character might not even die, and simply be left debilitated, much like soldiers from WWII or Vietnam.

A biofeedback program would take character attempting to interact in a relatively low-risk way, yet have the potential for risky simsense, and force those character to experience the most hurtful possible effects. Rather than simply win a conflict, the biofeedback program user is specifically attempting to cause physical pain and suffering.

Biofeedback filter
This program is similar to a firewall for a user's physical simsense module, helping to protect against malicious programs that would attempt to upgrade a characters simsense experience detrimentally. Possibly of greater value than a firewall. Its one thing to have your credit card number stolen, its another for the experience to be forcibly translated into a knife wound and a mugging. Like noted with biofeedback programs, characters may attempt to interact with the digital at a relatively low risk level, and malicious actors would attempt to increase their risk against their desires. These programs resist those attempts.

Blackout
This is a kinder, gentler version of physical biofeedback. Similar to how police and law enforcement have shifted from using pistols to tasers in most encounters, this program causes stun damage, even if the target is using physical simsense.

Cat's paw
A low-offensive attack program that distracts the user instead of damaging the device they are using. Cat's Paw is useful to prevent a user from performing actions while not bricking the device they may be using. This program fills the interaction experience with annoying errors, such as spam pop-ups and pop-unders, or other distracting garbage. On a successful offensive interaction with the system, instead of doing damage, the program generates a negative modifier to further interaction with the system. In a highly immersive simsense experience, this might translate to clouds of bugs pestering the character or annoying itches and rashes. Effects that aren't directly harmful, yet detract from their effectiveness and the overall experience.

Cloudless
This program uses legacy code from previous incarnations of the internet to place data exclusively within physical media. In addition to saving a file, it allows the user to successfully remove a file from the memory of a single designated cloud computing environment. Attempting to remove these files is opposed by the depth and breadth of the cloud based systems they were originally stored on, with larger systems increasing the challenge. Attempting to remove a single image file from a small host would represent a minor challenge, while attempting to remove the idea of Neuromancer itself would represent a significant difficulty.

Crash
One thing hackers have learned about internet protocols is that the ability to force devices to reboot can be very beneficial. When running, it attempts to fill a targeted device with an exceptional amount of reboot-worthy errors, adding to the probability that hardware running this program will be able to cause a reboot on the target system. This may affect the entire system or a single vulnerable program with critical system access.

An example from the modern (2021) era is the discovery of the WebKit security bug affecting iPhone and MacOS. By making a user's Safari browser crash repeatedly, and taking advantage of audio latency code, attackers can use the exploit to build arbitrary read/write primitives which can then be used to build a chain of further exploits. Often this results because a crash situation causes normal protections related to privileges or sandboxing to collapse in a disorganized state while the system recovers.

Defuse
Similar to the protective pads and clothing worn by demolition or bomb squads, this program creates predictive barriers between the user and a logic bomb, providing protection against its effects should it be prematurely detonated. Particular important in a simsense environment, where the translated effects of a logic bomb might result in life-threatening wounds for an internet user.

Demolition
Demolition programs tend to be on the leading edge of logic bomb research, and are specifically purchased to improve the probability of success, and host damage caused, when a logic bomb is detonated. Similar to their physical world equivalents, most demolition programs are predicted to be heavily restricted to professional or military use, and often illegal in most host environments.

Detonator
With delicate monitoring, this program is able to determine how often a file is accessed, and it sets a logic bomb to go off after it has been affected a set number of times. To use this program, a user must attempt set and arm a logic bomb; and if successful, they can then select how many actions can be executed with the file, or a specific time period, before the bomb goes off. They can also choose whether the logic bomb does computational damage to the surrounding host environment or just deletes the target file. Notoriously difficult to spot, detonator-enabled logic bombs are equivalent to a user that has already hidden within a host environment and takes no other actions beyond observing their surroundings.

Fly on a wall
Government and corporate security divisions tends to prevent long-term surveillance by unauthorized personnel. However, while this program is running, and the user is performing no actions other than observing their environment, the security observation of their actions only increases minimally. The program requires an attempt to hide their presence initially in order to activate properly, and it does not assist in any way in preventing any other persona from noticing the initial attempt to hide. It simply helps them remain hidden once they have successfully obfuscated themselves. Very similar to the physical equivalent of a tiny sentient drone that most creatures ignore without even considering its significance.

Exploit
This program analyzes and scans a target for weaknesses in its Firewall, improving the operator's probability of success when attempting to stealthily interact with a computer system.

Evaluate
Similar to a Ticker, except with the addition of automatic appraising of data values. With constant updates from a reliable information source that specialize in monitoring data auctions, this program calculates how much a certain amount of data might be worth, in order to allow a user to perform an informed risk/reward calculation toward the amount of information they might obtain relative to heat they would generate from security or law enforcement.

Fork
A computer user can perform a single action on two targets with this program. Technically, fork is an operation whereby a process creates a copy of itself. In a modern (2021) context, fork is usually implemented as a C Standard Library (libc) wrapper to the fork, clone, or other system calls of the kernel. Abstracted to future computing systems, users make a single action, with protections, security, and countermeasures from both systems affecting their results, usually increasing the difficulty because of interacting with multiple targets simultaneously. Each of the targets resist with their own attributes, firmware, and software. The result of the actions are determined separately against each target.

As a current (2021) example, trying to infect both Windows and Linux machines simultaneously with a similar virus would increase the complexity and difficulty, because each machine type might have differing firewalls, countermeasures, obfuscation, or physical hardware structure.

Translating to a simsense example, fighting a single other human is considered challenging in most situations, yet people like Bruce Lee were considered masters of the martial arts because they could fight multiple opponents simultaneously, often with different skills, physiques, and fighting styles.

Guard
This program keeps an eye out for weaknesses the same way an attacker would, reducing damage taken from symbology applied to their icon representation.

Hammer
A computer program specifically used for causing damage within the computer environment. Brute force destruction like breaking rocks on a prison chain gang. Similar to the old adage that "if all you have is a hammer, everything looks like a nail."

Hitchhiker
Due to the relativistic difference in the computational resources available to various Matrix environments, there are predicted to be grades and scales of fidelity, or danger, that could be compared to the dangers between the bunny hill on a ski slope, and the most treacherous black diamonds available. In particular, there might then be some special parts of computerized existence where an operator could take others with them, and where those companions most definitely would not want to be alone.

This program allows skilled computer and internet navigators to take others to hosts that might be significantly beyond their capabilities - with all the dangers that entails. If a skier drags their beginner friend to the top of a black diamond ski slope, there is a very real chance that the beginner might still break their arms and legs, whether the experienced user is with them or not.

Lockdown
This program is designed to trap users within the computational environment so that they are unable to disconnect themselves. A similar effect can be observed in scene of the first Matrix movie, where the symbolic analog of escape was perceived as a phone booth. After the land line was cut, escape was impossible. Whenever a hacker causes damage to a persona, the target is link-locked until the aggressor stops running this program or they successfully removed their connection to the computer environment.

Mud slinger
Owing to the competitive nature of games or hacking, and their aggressive culture that has turned abhorrent terms into phrases that mean little more than winning a sporting competition, there is a very real desire to pull users down into a fight in the mud. This program is designed to force a user to experience a physical simsense experience whether they desire to or not. Effectively circumventing their device's safety protocols, like overwriting the safety features on a Star Trek Holodeck, a user's hardware is maliciously upgraded to the point where they experience physical damage from computational interactions.

This program differs from biofeedback programs, because the target user may not believe they have the ability to experience physically harmful simsense. A user may have bought interaction hardware that purposely limits the risk of their experience. The attacker is applying malicious software (or possibly hardware in the case of systems like FPGAs) upgrades that unknowingly increase the user's ability to perceive simsense experiences to the point of being painful, dangerous, or possibly life threatening.

Mugger
This program actively tracks all symbology applied to a users persona representation, increasing the damage from cumulative effects applied towards a single target. Similar to the physical representation of a mob attempting to pursue a single target.

Nuke-from-orbit
Similar to its physical namesake, the differences between trying to hurt someone with a sword, or simply destroying the entire city they live in as a last resort. A blunt, obvious, powerful file destruction program that requires frequent updates as adjustments in file recovery technology continue to progress. Almost always outright illegal program in every computational environment, it is designed to ensure that no one will ever be able to recover a file that it destroys - shredding the target, shredding the surrounding information, shredding the host it resides on, and often shredding all data traffic routes to the host. Brutal and decidedly unsubtle, causing large changes in internet traffic throughout the vicinity of its use. Offline back-ups are the only options for getting the file back.

Paintjob
Resprays and textures a persona's icon, assisting in erasing damage and tracking on a persona as it does so, ensuring the user is able to trust in the fact that their hardware is not being affected by outsiders.

Shell
This program uses a set of filtering algorithms to help resist both computational software destruction and physical biofeedback damage. This modifier stacks with similar modifiers from other programs.

Smoke-and-mirrors
Adds significant amounts of misleading location information in order to keep the user from being located in-real-life. This program increases the hardware's ability to obfuscate or hide itself, with an equivalent amount of noise added to any tests performed to try and use the hardware. The noise also affects trace route tests performed against the hardware running the program. This program has no effect against security convergence conditions, since if a user has attracted enough heat to alert any of the major security divisions, they are attempting hide while a crowd of users looks directly at them.

Sneak
A secondary type of utility designed to protect a users physical form from detection by internet security. This utility bounces a user's internet traffic through unnecessary routes, defending the user against any trace route attempts and often leading to dead links or empty hosts. Additionally, even if a security division converges on a user while this program is running, they do not gain the user's physical location, although the user is still hit with all the other negative effects applied towards them. Modern day equivalents (circa 2020) are ideas like the Tor network or the Silk Road, internet paths specifically designed to obfuscate the sources of their users while preserving their interactions. However, similar to the experience with systems like Tor, this rerouting can lead to lag, signal degradation, and the anonymity network itself can become the source of reprisal.

Stealth
Similar to its physical namesake, a program that attempts to hide the user and their hardware from opposing detection.

Swerve
Just as modern day hackers (circa 2020) have seen the benefits of forcing other devices to reboot, they have seen a need to keep their devices safe from those efforts. This program adds redundant code to the OS of the users hardware and any connected devices in their personal area network, making it easier for the devices to resist crash attacks.

Tantrum
This program replaces damage to hardware or software with disgusting simsense sensations meant only for users with any form of biofeedback connection, but does nothing to users working without simsense connections such as AR or simple desktop applications.

Tarball
A program designed specifically to cause other programs to crash, yet unlike the specific Crash Program concept, concentrating on a broader-based action that causes random program crashes rather than crashing a chosen one.

In a modern (2021) context, disabling almost any of the core procedures on a Windows computer will often cause an immediate reboot of the system, yet they are often far more restricted or difficult to access. However, disabling numerous helper programs that are not so well secured may cause a similar effect, without needing to circumvent the core operating system programs.

From a modern attack perspective, a technique involving writing large amounts of junk code (or specifically designed "junk" code) to locations within the stack would be similar. The specific program that crashes might not be dependable, yet numerous programs might crash because of memory misalignments, unsuccessful read/writes, or fortuitously hurtful code.

A large simsense example would be using an exploit within the computer control of automobile steering or engines to simultaneously cause disruptions on numerous highways. The individual failures of individual automobiles might be difficult to predict, yet the combined effect would be widespread disruption and resource supply failures throughout the highway system.

Track
The Track program keeps an eye on a user's targets for them, making it easier to find their meat world equivalents, and improving their probability of success when making trace route tests with Track running. Alternately, if the target is running a Sneak variant, Track negates the bonus from that program.

Wrapper
This program overrides an internet host's protocols for icons. While this program is running, a user's icons can be anything they want them to be. From the lens of the internet, a user's Hammer program could look like a music file, a weapon icon could look like a credstick, and a user's persona could look like an automobile. Another persona can see what the disguised icon really is with an attempt to perceive the truth, yet they need to at least suspect enough to check.