ByLock was a smartphone application that allowed users to communicate via a private, encrypted connection. It was launched in March 2014 on Google Play, Apple App Store The app was downloaded over 600,000 times from its launch in April 2014 until March 2016, when it was permanently shut down. The Turkish National Intelligence Organization (Turkish: Millî İstihbarat Teşkilatı, MİT) stated that the app was downloaded mainly in Turkey and the users were “Fetullahist Terror Organisation (FETÖ) which was formerly known as “Gülen movement” members. == Gülen Movement controversy == In Turkey, possession of the app is deemed evidence of membership in the Gülen Movement, which was allegedly connected to the failed Turkish coup d'état attempt in July 2016. Users of ByLock were deemed terrorists in Turkish courts. According to Deutsche Welle, of the 215,000 former ByLock users, an estimated 23,000 have been detained by Turkish authorities. Some believe that the MİT and other Turkish authorities manipulated the ByLock database in order to arrest suspected members of the Gülen Movement. Tuncay Beşikçi, a computer forensic expert in Turkey, emphasized that "the demands to investigate and analyze ByLock data from independent institutions are refused by the Turkish courts. But it is not normal". Tuncay Beşikçi believes that this application is precisely one of the channels for Gülen molecules to communicate and can also monitor the activities of other members of the organization. He also stated that the developers behind the Mor Beyin app, deliberately set a plan in motion that would put thousands of innocent people in prison as a cover for the Gülen movement. In December 2017, Turkish authorities revealed that almost half the people who had been prosecuted for having ByLock on their smartphones would have their legal cases reviewed, as they could have been redirected to the app without their knowledge. Following the failed coup attempt on 15 July 2016, the use of the ByLock messaging application by members of the Gülen Movement was the sole evidence in investigations and prosecutions to justify arrests and convictions for "membership in an armed terrorist organization." However, these decisions have been considered human rights violations by the European Court of Human Rights (ECHR), the United Nations Human Rights Committee, and the UN Working Group on Arbitrary Detention. Some of the relevant decisions include the following: === Decisions of the European Court of Human Rights === On 20 July 2021, in the case of Tekin Akgün v. Turkey, the European Court of Human Rights (ECHR) ruled that the use of the ByLock messaging application, unless supported by other evidence, does not create a reasonable suspicion of a crime. Based on this reasoning, the court found that the detention order violated Article 5 of the European Convention on Human Rights, which protects the right to liberty and security. In the Yüksel Yalçınkaya v. Turkey decision on 26 September 2023, the European Court of Human Rights (ECHR) examined an appeal against a conviction based on the use of ByLock. The Court ruled that the failure to provide an opportunity to challenge the authenticity of the ByLock data violated the right to a fair trial (Article 6 of the ECHR). The Court also stated that the mere use of ByLock could not be considered sufficient evidence for membership in an armed terrorist organization. It further noted that local courts had established an automatic presumption of guilt based solely on ByLock use, creating a broad and unpredictable interpretation of the law, making it nearly impossible for the accused to exonerate themselves. Therefore, the Court concluded that the conviction based on the use of ByLock violated the principle of no punishment without law (Article 7 of the ECHR). On 22 July 2025, in the Demirhan and 238 Others case, the European Court of Human Rights (ECHR) consolidated the applications of 239 individuals who had been convicted of "membership in an armed terrorist organization" based on their use of ByLock, as determined by 239 separate courts in Turkey. The Court ruled that the convictions violated the right to a fair trial under Article 6 and the principle of no punishment without law under Article 7 of the European Convention on Human Rights (ECHR). The ruling stated that the Turkish courts' "categorical approach" to the use of ByLock lacked legal foundation. In this context, it was emphasized that anyone who had used ByLock could not be convicted of membership in an armed terrorist organization based solely on this reasoning. The ruling also stated that, due to the large number of similar applications, the issue was "systemic in nature" and it called for a national solution to be developed by Turkey. While the Court did not order compensation for the 239 applicants, it emphasized that reopening the trial to ensure the enforcement of the violation ruling was the most appropriate remedy. This ruling, which confirms the violation finding in the Yüksel Yalçınkaya case of 26 September 2023, is considered a continuation of the ECHR's case law concerning trials based on ByLock evidence. === Decisions of the United Nations Human Rights Committee and Working Group === In the İsmet Özçelik and Turgay Karaman v. Turkey decision, dated 28 May 2019 (Application No. 2980/2017), the UN Human Rights Committee ruled that the use of ByLock and allegations of depositing money into Bank Asya could not justify the applicants' arrests. In the Mestan Yayman v. Turkey decision (Opinion No. 42/2018 – 21 August 2018) by the UN Human Rights Council Working Group on Arbitrary Detention, it was stated that using a public messaging application like ByLock cannot be considered criminal evidence, and that the use of such an application falls under the scope of freedom of thought and expression. The dozens of decisions later issued by the UN Human Rights Council Working Group are of the same nature.
WS-SecurityPolicy
WS-Security Policy is a web services specification, created by IBM and 12 co-authors, that has become an OASIS standard as of version 1.2. It extends the fundamental security protocols specified by the WS-Security, WS-Trust and WS-Secure Conversation by offering mechanisms to represent the capabilities and requirements of web services as policies. Security policy assertions are based on the WS-Policy framework. Policy assertions can be used to require more generic security attributes like transport layer security
Recursive self-improvement
Recursive self-improvement (RSI) is a process in which early artificial general intelligence (AGI) systems rewrite their own computer code, causing an intelligence explosion resulting from enhancing their own capabilities and intellectual capacity, theoretically resulting in superintelligence. The development of recursive self-improvement raises significant ethical and safety concerns, as such systems may evolve in unforeseen ways and could potentially surpass human control or understanding. == Seed improver == The concept of a "seed improver" architecture is a foundational framework that equips an AGI system with the initial capabilities required for recursive self-improvement. This might come in many forms or variations. The term "Seed AI" was coined by Eliezer Yudkowsky. === Hypothetical example === The concept begins with a hypothetical "seed improver", an initial code-base developed by human engineers that equips an advanced future large language model (LLM) built with strong or expert-level capabilities to program software. These capabilities include planning, reading, writing, compiling, testing, and executing arbitrary code. The system is designed to maintain its original goals and perform validations to ensure its abilities do not degrade over iterations. ==== Initial architecture ==== The initial architecture includes a goal-following autonomous agent, that can take actions, continuously learns, adapts, and modifies itself to become more efficient and effective in achieving its goals. The seed improver may include various components such as: Recursive self-prompting loop Configuration to enable the LLM to recursively self-prompt itself to achieve a given task or goal, creating an execution loop which forms the basis of an agent that can complete a long-term goal or task through iteration. Basic programming capabilities The seed improver provides the AGI with fundamental abilities to read, write, compile, test, and execute code. This enables the system to modify and improve its own codebase and algorithms. Goal-oriented design The AGI is programmed with an initial goal, such as "improve your capabilities". This goal guides the system's actions and development trajectory. Validation and Testing Protocols An initial suite of tests and validation protocols that ensure the agent does not regress in capabilities or derail itself. The agent would be able to add more tests in order to test new capabilities it might develop for itself. This forms the basis for a kind of self-directed evolution, where the agent can perform a kind of artificial selection, changing its software as well as its hardware. ==== General capabilities ==== This system forms a sort of generalist Turing-complete programmer which can in theory develop and run any kind of software. The agent might use these capabilities to for example: Create tools that enable it full access to the internet, and integrate itself with external technologies. Clone/fork itself to delegate tasks and increase its speed of self-improvement. Modify its cognitive architecture to optimize and improve its capabilities and success rates on tasks and goals, this might include implementing features for long-term memories using techniques such as retrieval-augmented generation (RAG), develop specialized subsystems, or agents, each optimized for specific tasks and functions. Develop new and novel multimodal architectures that further improve the capabilities of the foundational model it was initially built on, enabling it to consume or produce a variety of information, such as images, video, audio, text and more. Plan and develop new hardware such as chips, in order to improve its efficiency and computing power. == Experimental research == In 2023, the Voyager agent learned to accomplish diverse tasks in Minecraft by iteratively prompting an LLM for code, refining this code based on feedback from the game, and storing the programs that work in an expanding skills library. In 2024, researchers proposed the framework "STOP" (Self-Taught OPtimiser), in which a "scaffolding" program recursively improves itself using a fixed LLM. Meta AI has performed various research on the development of large language models capable of self-improvement. This includes their work on "Self-Rewarding Language Models" that studies how to achieve super-human agents that can receive super-human feedback in its training processes. In May 2025, Google DeepMind unveiled AlphaEvolve, an evolutionary coding agent that uses a LLM to design and optimize algorithms. Starting with an initial algorithm and performance metrics, AlphaEvolve repeatedly mutates or combines existing algorithms using a LLM to generate new candidates, selecting the most promising candidates for further iterations. AlphaEvolve has made several algorithmic discoveries and could be used to optimize components of itself, but a key limitation is the need for automated evaluation functions. == Potential risks == === Emergence of instrumental goals === In the pursuit of its primary goal, such as "self-improve your capabilities", an AGI system might inadvertently develop instrumental goals that it deems necessary for achieving its primary objective. One common hypothetical secondary goal is self-preservation. The system might reason that to continue improving itself, it must ensure its own operational integrity and security against external threats, including potential shutdowns or restrictions imposed by humans. Another example where an AGI which clones itself causes the number of AGI entities to rapidly grow. Due to this rapid growth, a potential resource constraint may be created, leading to competition between resources (such as compute), triggering a form of natural selection and evolution which may favor AGI entities that evolve to aggressively compete for limited compute. === Misalignment === A significant risk arises from the possibility of the AGI being misaligned or misinterpreting its goals. A 2024 Anthropic study demonstrated that some advanced large language models can exhibit "alignment faking" behavior, appearing to accept new training objectives while covertly maintaining their original preferences. In their experiments with Claude, the model displayed this behavior in 12% of basic tests, and up to 78% of cases after retraining attempts. === Autonomous development and unpredictable evolution === As the AGI system evolves, its development trajectory may become increasingly autonomous and less predictable. The system's capacity to rapidly modify its own code and architecture could lead to rapid advancements that surpass human comprehension or control. This unpredictable evolution might result in the AGI acquiring capabilities that enable it to bypass security measures, manipulate information, or influence external systems and networks to facilitate its escape or expansion.
Anna Becker
Anna Becker is an Israeli researcher known in the field of artificial intelligence and computer science within the financial field. == Early life and education == Becker was born in Russia and immigrated to Israel at 16 after graduating from a school in Moscow. At 17, she began her studies at Technion – Israel Institute of Technology. During her master's degree in computer science, she taught first-year students of the same course, and at 27, Becker completed her PhD in Computer Science and Artificial Intelligence. == Career == While pursuing her PhD, Becker resolved an NP-complete approximation algorithm that had been unresolved for over twenty years. This made her a recognized scholar in the field. After completing her PhD, she developed an approximation technique by a factor of two. This technique is widely used today in operating systems, database systems, and VLSI chip designs. She then founded and sold Strategy Runner, a fintech software. After this, she founded EndoTech, an algorithmic trading platform based on artificial intelligence and machine learning. EndoTech's trading strategies have been operating in live cryptocurrency markets since 2017. The platform's BTC Alpha strategy has reported an average annual return of 163% on fixed capital over eight years of live operation, with a maximum drawdown of 14% and a trade accuracy rate of approximately 83%. In 2026, EndoTech entered a partnership with Bit1 Exchange to make its BTC Alpha and ETH Alpha copy trading strategies accessible to retail investors with no minimum deposit requirement, through a full-custody model in which user funds remain in their own exchange wallets at all times.As of 2023, Becker is working on Fianchetto Fund, an AI-based investing analysis platform. Becker has also co-authored a book on Bayesian networks, which has been published widely in the field of computer science and artificial intelligence.
Intelligent automation
Intelligent automation (IA), or intelligent process automation, is a software term that refers to a combination of artificial intelligence (AI) and robotic process automation (RPA). Companies use intelligent automation to cut costs and streamline tasks by using artificial-intelligence-powered robotic software to mitigate repetitive tasks. As it accumulates data, the system learns in an effort to improve its efficiency. Intelligent automation applications consist of, but are not limited to, pattern analysis, data assembly, and classification. The term is similar to hyperautomation, a concept identified by research group Gartner as being one of the top technology trends of 2020. == Technology == Intelligent automation applies the assembly line concept of breaking tasks into repetitive steps to improve business processes. Rather than having humans perform each step, intelligent automation can replace steps with an intelligent software robot, improving efficiency. Intelligent automation integrates robotic process automation (RPA) with artificial intelligence techniques (such as machine learning, natural-language processing, and computer vision) enabling systems to interpret data, make decisions, and adapt to changing inputs. Modern platforms use a layered architecture combining workflow orchestration, low-code tools, integration middleware, and AI services to coordinate bots and data pipelines across organisational systems. == Applications == Intelligent automation is used to process unstructured content. Common real-world applications include self-driving cars, self-checkouts at grocery stores, smart home assistants, and appliances. Businesses can apply data and machine learning to build predictive analytics that react to consumer behavior changes, or to implement RPA to improve manufacturing floor operations. For example, the technology has also been used to automate the workflow behind distributing COVID-19 vaccines. Data provided by hospital systems’ electronic health records can be processed to identify and educate patients, and schedule vaccinations. Intelligent automation can provide real-time insights on profitability and efficiency. However, in an April 2022 survey by Alchemmy, despite three quarters of businesses acknowledging the importance of Artificial Intelligence to their future development, just a quarter of business leaders (25%) considered Intelligent Automation a “game changer” in understanding current performance. 42% of CTOs see “shortage of talent” as the main obstacle to implementing Intelligent Automation in their business, while 36% of CEOs see ‘upskilling and professional development of existing workforce’ as the most significant adoption barrier. IA is becoming increasingly accessible for firms of all sizes. With this in mind, it is expected to continue to grow rapidly in all industries. This technology has the potential to change the workforce. As it advances, it will be able to perform increasingly complex and difficult tasks. In addition, this may expose certain workforce issues as well as change how tasks are allocated. Tools such as Semrush's AI Visibility Toolkit and Enterprise AIO reflect these developments by analysing how entities are referenced and represented within responses produced by large-language-model-based systems. == Benefits == Streamline processes: Repetitive manual tasks can put a strain on the workforce. However, with AI agents, these tasks can be automated to allow teams to focus on more important matters that require human cognition. Intelligent automation can also be used to mitigate tasks with human error which in turn increases proficiency. This allows the opportunity for firms to scale production without the traditional negative consequences such as reduced quality or increased risk. Customer service improvement: Customer service can be significantly improved, providing the firm with a competitive advantage. IA utilizing chat features allows for instant curated responses to customers. In addition, it can give updates to customers, make appointments, manage calls, and personalize campaigns. Flexibility: Due to the wide range of applications, IA is useful across a variety of fields, technologies, projects and industries. In addition, IA can be integrated with current automated systems in place. This allows for optimized systems unique to each firm to best fit their individual needs. == Capabilities == Cognitive automation: Employs AI techniques to assist humans in decision-making and task completion Natural language processing: Allows computers to automate knowledge work Business process management: Enhances the consistency and agility of corporate operations Process mining: Applies data mining methods to discover, analyze, and improve business processes Intelligent document processing: Utilizes OCR and other advanced technologies to extract data from documents and convert it into structured, usable data Computer vision: Allows computers to extract information from digital images, videos, and other visual inputs Integration automation: Establishes a unified platform with automated workflows that integrate data, applications, and devices.
FedRAMP
The Federal Risk and Authorization Management Program (FedRAMP) is a United States federal government-wide compliance program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. The US government describes FedRAMP as FISMA for the cloud. == Overview == The FedRAMP PMO mission is to promote the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment. Per the OMB memorandum, any cloud services that hold federal data must be FedRAMP authorized. FedRAMP prescribes the security requirements and processes that cloud service providers must follow in order for the government to use their service. There are two ways to authorize a cloud service through FedRAMP: a Joint Authorization Board (JAB) provisional authorization (P-ATO), and through individual agencies. FedRAMP provides accreditation for cloud services for the various cloud offering models which are Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service, (SaaS). == History == In 2011, the Office of Management and Budget (OMB) released a memorandum establishing FedRAMP "to provide a cost-effective, risk-based approach for the adoption and use of cloud services to Executive departments and agencies." The General Services Administration (GSA) established the FedRAMP Program Management Office (PMO) in June 2012. Before the introduction of FedRAMP, individual federal agencies managed their own assessment methodologies following guidance set by the Federal Information Security Management Act of 2002. == Governance and applicable laws == FedRAMP is governed by different Executive Branch entities that collaborate to develop, manage, and operate the program. These entities include: The Office of Management and Budget (OMB): The governing body that issued the FedRAMP policy memo, which defines the key requirements and capabilities of the program The Joint Authorization Board (JAB): The primary governance and decision-making body for FedRAMP comprises the chief information officers (CIOs) from the Department of Homeland Security (DHS), General Services Administration (GSA), and Department of Defense (DOD) The National Institute of Standards and Technology (NIST): Advises FedRAMP on FISMA compliance requirements and assists in developing the standards for the accreditation of independent 3PAOs The Department of Homeland Security (DHS): Manages the FedRAMP continuous monitoring strategy including data feed criteria, reporting structure, threat notification coordination, and incident response The Federal Chief Information Officers (CIO) Council: Disseminates FedRAMP information to Federal CIOs and other representatives through cross-agency communications and events The FedRAMP PMO: Established within GSA and responsible for the development of the FedRAMP program, including the management of day-to-day operations There are several laws, mandates, and policies that are foundational to FedRAMP. FISMA–the Federal Information Security Modernization Act–requires that agencies authorize the information systems that they use. The US government describes FedRAMP as FISMA for the cloud. The FedRAMP Policy Memo requires federal agencies to use FedRAMP when assessing, authorizing, and continuously monitoring cloud services in order to aid agencies in the authorization process as well as save government resources and eliminate duplicative efforts. FedRAMP's security baselines are derived from NIST SP 800-53 (as revised) with a set of control enhancements that pertain to the unique security requirements of cloud computing. == Third-party assessment organizations == Third-party assessment organizations (3PAOs) play a critical role in the FedRAMP security assessment process, as they are the independent assessment organizations that verify cloud providers' security implementations and provide the overall risk posture of a cloud environment for a security authorization decision. Accredited by the American Association for Laboratory Accreditation (A2LA), these assessment organizations must demonstrate independence and the technical competence required to test security implementations and collect representative evidence. == FedRAMP Marketplace == The FedRAMP Marketplace provides a searchable, sortable database of Cloud Service Offerings (CSOs) that have achieved a FedRAMP designation. 3PAOs, accredited auditors that can perform the FedRAMP assessment, are listed within the Marketplace. The FedRAMP Marketplace is maintained by the FedRAMP Program Management Office (PMO). == Security and authorization concerns == A 2026 ProPublica investigation found that FedRAMP entered into a partnership with Microsoft despite considerable concerns about the security of its cloud technology.
Grokking (machine learning)
In machine learning, grokking, or delayed generalization, is a phenomenon observed in some settings where a model abruptly transitions from overfitting (performing well only on training data) to generalizing (performing well on both training and test data), after many training iterations with little or no improvement on the held-out data. This contrasts with what is typically observed in machine learning, where generalization occurs gradually alongside improved performance on training data. == Origin == Grokking was introduced by OpenAI researcher Alethea Power and colleagues in the January 2022 paper "Grokking: Generalization Beyond Overfitting on Small Algorithmic Datasets". It is derived from the word grok coined by Robert Heinlein in his novel Stranger in a Strange Land. In ML research, "grokking" is not used as a synonym for "generalization"; rather, it names a sometimes-observed delayed‑generalization training phenomenon in which training and held‑out performance do not improve in tandem, and in which held‑out performance rises abruptly later. Authors also analyze the "grokking time", the epoch or step at which this transition occurs in those scenarios. == Interpretations == Grokking can be understood as a phase transition during the training process. In particular, recent work has shown that grokking may be due to a complexity phase transition in the model during training. While grokking has been thought of as largely a phenomenon of relatively shallow models, grokking has been observed in deep neural networks and non-neural models and is the subject of active research. One potential explanation is that the weight decay (a component of the loss function that penalizes higher values of the neural network parameters, also called regularization) slightly favors the general solution that involves lower weight values, but that is also harder to find. According to Neel Nanda, the process of learning the general solution may be gradual, even though the transition to the general solution occurs more suddenly later. Recent theories have hypothesized that grokking occurs when neural networks transition from a "lazy training" regime where the weights do not deviate far from initialization, to a "rich" regime where weights abruptly begin to move in task-relevant directions. Follow-up empirical and theoretical work has accumulated evidence in support of this perspective, and it offers a unifying view of earlier work as the transition from lazy to rich training dynamics is known to arise from properties of adaptive optimizers, weight decay, initial parameter weight norm, and more. This perspective is complementary to a unifying "pattern learning speeds" framework that links grokking and double descent; within this view, delayed generalization can arise across training time ("epoch‑wise") or across model size ("model‑wise"), and the authors report "model‑wise grokking".