G06F2221/2105

COMPUTATIONALLY IMPLEMENTED METHOD WITH LOCKDOWN CAPABILITY
20170372047 · 2017-12-28

The present invention relates to a computationally implemented method wherein the computationally implemented method enables its use on the user smart device and runs on Android/iOS platforms. The present invention enables at least one user to use the computationally implemented method on a smart device and also enables at least one mentor to use the same computationally implemented method at the same time, wherein the use of this computationally implemented method by the mentor enables the mentor to control the computationally implemented method of the user through the lockdown mode. The lockdown mode of the mentor enables him/her to control the computationally implemented method of the user and thus lock the smart device of the user to restrain the user from opening any other application, closing out of the computationally implemented method, or receiving any notification during the use of the computationally implemented method.

Methods and apparatus for identifying and removing malicious applications
11687653 · 2023-06-27

A system, method, and apparatus for identifying and removing malicious applications are disclosed. An example apparatus includes an executable application configured to collect data regarding processes operating on a client device during a time period. The executable application is also configured to purposefully access, during the time period, an application server using a web browser on the client device in an attempt to trigger a malicious application potentially located on the client device. The executable application is configured to transmit, after the time period, the collected data to an analysis server to determine whether the malicious application is located on the client device.

Implementing access control by system-on-chip

Systems and methods for implementing access control by systems-on-chip (SoCs). An example SoC may comprise an access control unit employed to: receive a message comprising an access control data item; validate the message using a value of a message digest function of contents of the message and a value of a state variable reflecting a state of communications between the access control unit and a programming agent that has initiated the message, wherein the value of the state variable is derived from a previous value of the message digest function calculated within a current communication session between the access control unit and the programming agent; update the state variable using the value of the message digest function of the contents of the message; and control, using the access control data item, access by an initiator device to a target device.

USB STACK ISOLATION FOR ENHANCED SECURITY
20170364677 · 2017-12-21

Disclosed is a computer and method in a computer that detects attachment of an external device. A determination may be made whether the external device is trusted or untrusted. When the external device is deemed to be trusted, a first device stack may be instantiated in a first OS executing on the computer to conduct interactions with the external device. When the external device is deemed to be untrusted, a second device stack may be instantiated in a second OS executing on the computer to conduct interactions with the external device.

Content monitoring and host compliance evaluation
09842200 · 2017-12-12

A content hosting service provides an interface for enabling content owners to upload controlled video and specify conditions for monitoring and hosting it on the hosting service. Plural fingerprints are extracted from the controlled video and used to detect use of the controlled video on pages of the hosting service. The fingerprint extraction and evaluation enables extent of copying to be determined. The interface also allows owners to specify context in which controlled video may be used. Results of monitoring are provided in a graphical user interface that depicts matches of the controlled video and extent of copying of the controlled video in matching monitored video.

APPARATUS AND METHOD FOR PREVENTING FILE ACCESS BY NODES OF A PROTECTED SYSTEM
20170353460 · 2017-12-07

A method includes detecting a storage device at a protected node and determining whether the storage device has been checked-in for use with at least the protected node. The method also includes granting access to the storage device in response to determining that the storage device has been checked-in for use with at least the protected node. The method further includes blocking access to the storage device in response to determining that the storage device has not been checked-in for use with at least the protected node. The method may also include determining whether a file on the storage device has been checked-in for use with at least the protected node. Meaningful access to the file is granted or blocked in response to determining that the file has or has not been checked-in for use with at least the protected node.

Protecting anti-malware processes

Anti-malware process protection techniques are described. In one or more implementations, an anti-malware process is launched. The anti-malware process is verified based at least in part on an anti-malware driver that contains certificate pairs which contain an identity that is signed with the trusted certificate from a verified source. After the anti-malware process is verified, the anti-malware process may be assigned a protection level, and an administrative user may be prevented from altering the anti-malware process.

DATA PROCESSING METHOD, HOST, AND APPARATUS

A data processing host includes a program running environment and a first isolation environment. The first isolation environment is isolated from the program running environment. The host operates in a non-secure mode in the program running environment, and operates in a secure mode in the first isolation environment. The program running environment includes a virtual instance operating in the non-secure mode, and the first isolation environment corresponds to the virtual instance in the program running environment. The first isolation environment includes an operating system in the secure mode and a resource allocated to the first isolation environment and comprising a first isolation space for running the operating system and a secure processing program, which corresponds to a program in the virtual instance and is for processing to-be-processed data.

Method and system for preventing unauthorized processor mode switches
11675934 · 2023-06-13

Disclosed embodiments relate to a system having a processor adapted to activate multiple security levels for the system and a monitoring device coupled to the processor and employing security rules pertaining to the multiple security levels. The monitoring device restricts usage of the system if the processor activates the security levels in a sequence contrary to the security rules.

Input to locked computing device

The subject matter of this specification can be embodied in, among other things, a method that includes receiving at a computing device that is in a locked state, one or more user inputs to unlock the device and to execute at least one command that is different from a command for unlocking the device. The method further includes executing in response to the user inputs to unlock the device an unlocking operation by the device to convert the device from a locked state to an unlocked state. The method further includes executing the at least one command in response to receiving the user inputs to execute the at least one command. The at least one command executes so that results of executing the at least one command are first displayed on the device to a user automatically after the device changes from the locked state to the unlocked state.