RISKS Forum mailing list archives
Risks Digest 33.90
From: RISKS List Owner <risko () csl sri com>
Date: Thu, 19 Oct 2023 19:28:27 PDT
RISKS-LIST: Risks-Forum Digest Thursday 19 October 2023 Volume 33 : Issue 90 ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, founder and still moderator ***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <http://www.risks.org> as <http://catless.ncl.ac.uk/Risks/33.90> The current issue can also be found at <http://www.csl.sri.com/users/risko/risks.txt> Contents: How ChatGPT and other AI tools could disrupt scientific publishing (Nature) `Algorithmic destruction' and the deep algorithmic problems of AI and copyright (San Francisco Chronicle) A Chatbot Encouraged Him to Kill the Queen. It's Just the Beginning (WiReD) Dilemma of the Artificial Intelligence Regulatory Landscape (CACM Vol 66 No 9) Experts Worry as Facial Recognition Comes to Airports and Deepfake Election Interference in Slovakia (Bruce Schneier) A big win in our fight to reclaim the Internet! (Mozilla) Win $12k by rediscovering the secret phrases that secure the Internet (New Scientist) Your old phone is safe for longer than you think (WashPost) How do you get out of a $28,000 timeshare mistake? (Eliott) The TSA wants to put a government tracking app on your smartphone (PapersPlease) New York Bill Would Require a Criminal Background Check to Buy a 3D Printer (Gizmodo) Burned-out parents seek help from a new ally: ChatGPT (geoff goodfellow) Allied Spy Chiefs Warn of Chinese Espionage Targeting Tech Firms (NYTimes) Top crypto firms named in $1bn fraud lawsuit (BBC) The secret life of Jimmy Zhong, who stole and lost more than $3B (CNBC) Why do people fall for grief scams? (Rob Slade) Remote Driving Is a Sneaky Shortcut to the Robotaxi (WiReD) Re: Autonomous Vehicles Are Driving Blind (Chris Volpe) Re: False news spreads faster than the truth (Amos Shapir) Re: Vermont Utility Plans to End Outages by Giving Customers Batteries (John Levine) Abridged info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Sat, 14 Oct 2023 09:52:05 -0700 From: Steve Bacher <sebmb1 () verizon net> Subject: How ChatGPT and other AI tools could disrupt scientific publishing (Nature) https://www.nature.com/articles/d41586-023-03144-w When radiologist Domenico Mastrodicasa finds himself stuck while writing a research paper, he turns to ChatGPT, the chatbot that produces fluent responses to almost any query in seconds. “I use it as a sounding board,” says Mastrodicasa, who is based at the University of Washington School of Medicine in Seattle. “I can produce a publication-ready manuscript much faster.” [I am reminded of Fred Brooks and Bill Wright doing a Markov chain analysis of 37 common-meter hymn tunes, and Al Hopkins and I a year later in Tony Oettinger's statistical linguistics seminar (1954-1955) randomly generating more than 600 hymn tunes consistent with various chain lengths in weekend runs on the Harvard Mark IV. This is documented in our paper, An Experiment in Musical Composition, IRE Transactions on Electronic Computers EC-6, 175-182, September 1957. You can find it on the Web. Harvard Poet David McCord wrote these common-meter lyrics, which he read at the introduction of a Univac 1 (taking literary liberty with the identity of the computer): O God, our help in ages past, Thy help we now eschew. Hymn tunes on Univac at last, Dear God, for Thee, for You. We turn them out almighty fast, Ten books to every pew. Our HymnBot almost 70 years ago was obviously a very primitive small-language precursor of the current ChatBot rage. PGN] ------------------------------ Date: September 24, 2023 10:06:15 JST From: Ellen Ullman <ullman () well com> Subject: `Algorithmic destruction' and the deep algorithmic problems of AI and copyright (San Francisco Chronicle) [From Dave Farber's IP distribution) Could ‘algorithmic destruction’ solve AI’s copyright issues? https://www.sfchronicle.com/tech/article/ai-artificial-intelligence-copyright-18374295.php By Chase DiFeliciantonio, 23 Sep 2023 Comments OpenAI’s ChatGPT is trained by “consuming” vast amounts of information online. Some authors have sued OpenAI alleging the company unfairly used their copyrighted works to teach its chatbots how to respond to written prompts. One way to fix that could be to employ “algorithmic destruction.” OpenAI’s ChatGPT is trained by “consuming” vast amounts of information online. Some authors have sued OpenAI alleging the company unfairly used their copyrighted works to teach its chatbots how to respond to written prompts. One way to fix that could be to employ “algorithmic destruction.” Richard Drew/Associated Press If artificial intelligence mimics our brains, does that mean it too can unlearn something it knows? That question is central to lawsuits filed by a range of creatives who say their copyrighted work was infringed by OpenAI and Meta. But making an AI “forget” isn’t the same as removing the blocky chips from HAL 9000’s digital brain in “2001: A Space Odyssey.” In fact, the lawsuits raise the question: is “unlearning” even possible for an AI? And, if not, are there other ways to ensure generative AI programs don’t draw from copyrighted material, short of tearing them down? Enter “algorithmic destruction,” a term that entails trashing an AI model that may have taken years and millions of dollars to train, then rebuilding it from scratch by inputting only fair-use text, images and data. That would be “the most extreme remedy” to issues highlighted in lawsuits like those filed against OpenAI and Meta, said Pamela Samuelson, a UC Berkeley professor and expert in generative AI and copyright law. But, she said, it’s not unthinkable. Here’s how it might work: Since AI models aren't some baby powder that can be easily recalled and remade after slapping a company with a fine, there are basically three approaches given the current way the technology works, plus one more path that would change how it “thinks,” said UC Berkeley professor and computer scientist Matei Zaharia: Destroy the model. “Screen” results that include copyrighted material. Retrain the model. A fourth route would be to invent models that work more like a super-smart web search, and which can cite sources unlike chatbots such as GPT-3 which, similar to a human brain, doesn't always know where it learned something, or whether it’s totally accurate. That way programmers could, in theory, pull documents from a model’s training set — like nodes of the HAL 9000’s processor — so the program could no longer reference them when asked a question, said Zaharia, who is working on that kind of approach. With the way the dominant generative AI technology works for now, though, “it’s hard to make models forget specific content,” said Zaharia, who is also the co-founder and CTO of San Francisco’s Databricks. The easiest way to keep a program from spitting out information it shouldn’t “would probably be after your model generates something, but before you send it back to the user, you check, ‘Is this really close to something’ ” like a copyrighted work, Zaharia said. Telling the program to skate around copyrighted material, specifically, would probably not work since, like a toddler with superpowers, “it doesn't really know” what is copyrighted and what isn’t, Zaharia said. ------------------------------ Date: Thu, 19 Oct 2023 01:04:01 -0400 From: Gabe Goldberg <gabe () gabegold com> Subject: A Chatbot Encouraged Him to Kill the Queen. It's Just the Beginning (WiReD) Companies are designing AI to appear increasingly human. That can mislead users—or worse. Humans are prone to see two dots and a line and think they’re a face. When they do it to chatbots, it’s known as the Eliza effect. The name comes from the first chatbot, Eliza, developed by MIT scientist Joseph Weizenbaum in 1966. Weizenbaum noticed users were ascribing erroneous insights to a text generator simulating a therapist. [...] Mental health chatbots may carry similar risks. Jodi Halpern, a professor of bioethics at UC Berkeley, whose work has challenged the idea of using AI chatbots to help meet the rising demand for mental health care, has become increasingly concerned by a marketing push to sell these apps as caring companions. She's worried that patients are being encouraged to develop dependent relationships—of “trust, intimacy, and vulnerability”—with an app. This is a form of manipulation, Halpern says. And should the app fail the user, there is often no mental health professional ready to come to their aid. Artificial intelligence cannot stand in for human empathy, she says. https://www.wired.com/story/chatbot-kill-the-queen-eliza-effect ------------------------------ Date: Sun, 15 Oct 2023 16:49:04 -0400 From: Cliff Kilby <cliffjkilby () gmail com> Subject: Dilemma of the Artificial Intelligence Regulatory Landscape (CACM Vol 66 No 9) In the opinion piece "Dilemma of the Artificial Intelligence Regulatory Landscape": Wu and Liu note that with rapid expansion of LLMs and progress towards true AI regulatory frameworks are woefully unprepared. The authors are of the opinion that implementation of new features should be accelerated regardless of the regulatory gaps stating ``We have found the key to settling concerns is to clearly convey the message that potential benefits outweigh relevant risks.'' This is an extremely troubling approach that led to terrible things like the ozone hole over Antarctica, and one that I would caution strongly against. Doubly so, considering that LLMs are regularly demonstrating they provide at least as many risks as benefits, if not more so. Copyright lawsuits, Intellectual Property disputes and even a case of Libel have all appeared in relation to LLMs. In summation, I disagree. ------------------------------ Date: Sun, 15 Oct 2023 18:13:54 -0400 From: Gabe Goldberg <gabe () gabegold com> Subject: Experts Worry as Facial Recognition Comes to Airports and Cruises (The New York Times) Facial recognition software is speeding up check-in at airports, cruise ships and theme parks, but experts worry about risks to security and privacy. Facial recognition technology will increasingly offer travelers shorter lines and fewer documents to juggle, but all that convenience may have a cost, warned Jay Stanley, a senior policy analyst at the American Civil Liberties Union. By accepting more surveillance technology, he said, “we open ourselves to tracking where we are and who we are with all the time.” https://www.nytimes.com/2023/10/13/travel/facial-recognition-airports-cruises.html?smid=nytcore-ios-share&referringSource=articleShare ------------------------------ Date: Sun, 15 Oct 2023 09:17:04 +0000 From: Bruce Schneier <schneier () schneier com> Subject: Deepfake Election Interference in Slovakia e [PGN-excerpted From CRYPTO-GRAM, 15 Oct 2023, among other superb analyses] [2023.10.06] [https://www.schneier.com/blog/archives/2023/10/deepfake-election-interfer ence-in-slovakia.html] Well designed and well timed deepfake [https://www.wired.co.uk/article/slovakia-election-deepfakes] or two Slovakian politicians discussing how to rig the election:
=C5=A0ime=C4=8Dka and _Denn=C3=ADk N_ immediately denounced the audio as
fake. The fact-checking department of news agency AFP said [https://fakty.afp.com/doc.afp.com.33WY9LF] the audio showed signs of being manipulated using AI. But the recording was posted during a 48-hour moratorium ahead of the polls opening, during which media outlets and politicians are supposed to stay silent. That meant, under Slovakia's election rules, the post was difficult to widely debunk. And, because the post was audio, it exploited a loophole in Meta's manipulated-media policy, which dictates [https://transparency.fb.com/en-gb/policies/community-standards/manipulated-media/] only faked videos -- where a person has been edited to say words they never said -- go against its rules. I just wrote about this [https://theconversation.com/ai-disinformation-is-a-threat-to-elections-learning-to-spot-russian-chinese-and-iranian-meddling-in-other-countries-can-help-the-us-prepare-for-2024-214358]. Countries like Russia and China tend to test their attacks out on smaller countries before unleashing them on larger ones. Consider this a preview to their actions in the US next year. [See also an excellent long item that precedes this one: Political Disinformation and AI [2023.10.05] [https://www.schneier.com/blog/archives/2023/10/political-disinformation-and-ai.html] Elections around the world are facing an evolving threat from foreign actors, one that involves artificial intelligence ------------------------------ Date: Thu, 12 Oct 2023 13:50:55 +0000 (UTC) From: Mozilla <mozilla () email mozilla org> Subject: A big win in our fight to reclaim the Internet! The so-called *impossible* has happened! It was widely believed that YouTube was too big and too powerful to change its behaviour in response to public pressure. But we didn't accept that. Following years of campaigning, research, and policy advocacy by Mozilla, YouTube has announced it will share data with researchers. This change, as pd art of the platform's required compliance of the European Union's Digital Services Act, will provide independent researchers with critical public data -- data that will allow the outside world to better understand how to stop YouTube from recommending dangerous and harmful content. This victory belongs to hundreds of thousands of Mozilla supporters -- to the people who: Donated their data to RegretsReporter, our browser extension that helped aggregate YouTube recommendations for researchers and that has been influential in shaping the EU's Digital Services Act (DSA) regulation; Shared their stories of how their lives and well-being had been impacted by YouTube's recommendations; and Signed petitions and chipped in to support multiple fronts of our campaigning work that made this victory possible. It's a result of long-term movement building work -- the exact type of work that is made possible by the continued support of Mozilla supporters. And it's a result of our work with dozens of organisations that supported our recommendations for public data sharing under the DSA. And wins like these prove that together, the Mozilla community is capable of taking on globally dominant platforms like YouTube -- and winning. [...] ------------------------------ Date: Sun, 15 Oct 2023 18:34:39 -0400 From: Monty Solomon <monty () roscom com> Subject: Win $12k by rediscovering the secret phrases that secure the Internet (New Scientist) Win $12k by rediscovering the secret phrases that secure the Internet Five secret phrases used to create the encryption algorithms that secure everything from online banking to email have been lost to history -- but now cryptographers are offering a bounty to rediscover them https://www.newscientist.com/article/2396724-win-12k-by-rediscovering-the-secret-phrases-that-secure-the-internet/ ------------------------------ Date: Sat, 14 Oct 2023 22:28:09 -0400 From: Monty Solomon <monty () roscom com> Subject: Your old phone is safe for longer than you think (WashPost) Smartphone makers fix security flaws on your device for four to eight years or more, giving you comfort that you can hold onto your phone if you wish. https://www.washingtonpost.com/technology/2023/10/13/security-updates-ios-an ------------------------------ Date: Sun, 15 Oct 2023 18:19:01 -0400 From: Gabe Goldberg <gabe () gabegold com> Subject: How do you get out of a $28,000 timeshare mistake? (Eliott) Ling Lu Yamaki wanted to get out of her timeshare with Hilton Grand Vacations after she discovered a serious problem with it. Yamaki asked the company to cancel the $28,000 contract she and her husband had agreed to pay for their timeshare after attending a presentation in Las Vegas, but it said no. https://www.elliott.org/advocacy/how-do-you-get-out-of-a-28000-timeshare-mistake-definitely-not-like-this/ The risk? Lying companies and agreements nobody reads. ------------------------------ Date: Mon, 16 Oct 2023 09:24:36 -0400 From: Monty Solomon <monty () roscom com> Subject: The TSA wants to put a government tracking app on your smartphone (PapersPlease) https://papersplease.org/wp/2023/10/16/the-tsa-wants-to-put-a-government-tracking-app-on-your-smartphone/ [Technological solutions of this kind won't, especially by themselves. PGN] ------------------------------ Date: Mon, 16 Oct 2023 17:38:16 -0700 From: Lauren Weinstein <lauren () vortex com> Subject: New York Bill Would Require a Criminal Background Check to Buy a 3D Printer (Gizmodo) [Ridiculous] https://gizmodo.com/new-york-bill-criminal-background-check-buy-3d-print er-1850930407 [Legal solutions of this kind won't work, especially by themselves. PGN] ------------------------------ Date: Sat, 14 Oct 2023 07:49:04 -0700 From: geoff goodfellow <geoff () iconia com> Subject: Burned-out parents seek help from a new ally: ChatGPT ChatGPT's latest job is to be mom and dad's brilliant sidekick. Parents of kids of all ages are using the chatbot to help raise their children. Why it matters: The tool has the potential to ease the burden on burned-out, over-scheduled parents. <https://www.axios.com/2022/05/31/parents-schools-uvalde-baby-formula-race>= But it's no replacement for a human's judgment -- especially regarding what's best for their kids. What's happening: ChatGPT excels at brainstorming and researching -- both functions that can be uniquely useful to parents, says Celia Quillian, a product marketer in Atlanta who runs a TikTok account advising followers on creative ways to use the robot. - The chatbot could plan an 8-year-old's mermaid-themed birthday party in seconds, offering drink ideas like mermaid fruit punch -- blue= Gatorade with floating gummy fish -- and snack ideas like seashell cookies. - It can conjure up a chore chart for a group of young siblings, tailoring the tasks so they're appropriate for each age. For example, a 7-year-old might start with picking up toys, while their 13-year-old sibling vacuums the living room. - It can even answer age-old questions that kids ask exasperated parents. Think, "Why is the sky blue?" The chatbot will feed you an answer fit for a 4-year-old. Zoom in: Some parents are using the chatbot to navigate even bigger milestones in their children's lives. [...] https://www.axios.com/2023/10/14/chatgpt-parents-ai-chatbot ------------------------------ Date: Wed, 18 Oct 2023 06:25:21 -0400 From: "Jan Wolitzky" <jan.wolitzky () gmail com> Subject: Allied Spy Chiefs Warn of Chinese Espionage Targeting Tech Firms (NYTimes) The United States and its allies vowed this week to do more to counter Chinese theft of technology, warning at an unusual gathering of intelligence leaders that Beijing’s espionage is increasingly trained not on the hulking federal buildings of Washington but the shiny office complexes of Silicon Valley. The intelligence chiefs sought to engage private industry in combating what one official called an *unprecedented threat* on Tuesday as they discussed how to better protect new technologies and help Western countries keep their edge over China. The choice of meeting venue -— Stanford University, in Silicon Valley —- was strategic. While Washington is often considered the key espionage battleground in the United States, FBI officials estimate that more than half of Chinese espionage focused on stealing American technology takes place in the Bay Area. It was the first time the heads of the FBI and Britain's MI5 and their counterparts from Australia, Canada and New Zealand had gathered for a public discussion of intelligence threats. It was, in effect, a summit of the spy hunters, the counterintelligence agencies whose job it is to detect and stop efforts by China to steal allied secrets. “That unprecedented meeting is because we are dealing with another unprecedented threat,” said Christopher A. Wray, the FBI director. “There is no greater threat to innovation than the Chinese government.” https://www.nytimes.com/2023/10/18/us/politics/china-spying-technology.html ------------------------------ Date: Thu, 19 Oct 2023 13:00:40 -0600 From: Matthew Kruk <mkrukg () gmail com> Subject: Top crypto firms named in $1bn fraud lawsuit (BBC) https://www.bbc.com/news/business-67161638 U.S. prosecutors have accused three high-profile cryptocurrency firms of defrauding investors of more than $1bn. New York Attorney General Letitia James said Gemini, a crypto exchange, had lied to customers about the risks of an investment account it offered, which paid high interest rates on crypto. Genesis, a crypto lender, and its parent company Digital Currency Group were also involved in the programme. It was halted last November, cutting off customer access to funds. ------------------------------ Date: Wed, 18 Oct 2023 12:17:05 +0800 From: Li Gong <ligongsf () gmail com> Subject: The secret life of Jimmy Zhong, who stole and lost more than $3B <https://www.cnbc.com/2023/10/17/crypto911.html> ------------------------------ Date: Thu, 19 Oct 2023 12:41:04 -0700: From: Rob Slade <rslade () gmail com> Subject: Why do people fall for grief scams? [Long and personal item, a bit off topic, but could be worth reading, especially if you have a grief problem. PGN] https://fibrecookery.blogspot.com/2023/10/why-do-people-fall-for-grief-scams.html ------------------------------ Date: Thu, 19 Oct 2023 01:26:05 -0400 From: Gabe Goldberg <gabe () gabegold com> Subject: Remote Driving Is a Sneaky Shortcut to the Robotaxi (WiReD) German startup Vay is pushing teledriving -- in which cars are remotely operated by humans -- as easier to achieve than fully autonomous driving. On the busy streets of suburban Berlin, just south of Tempelhofer Feld, a white Kia is skillfully navigating double-parked cars, roadworks, cyclists, and pedestrians. Dan, the driver, strikes up a conversation with his passengers, remarking on the changing traffic lights and the sound of an ambulance screaming past in the other direction. But Dan isn’t in the car. Instead, he’s half a mile away at the offices of German startup Vay. The company kits its cars out with radar, GPS, ultrasound, and an array of other sensors to allow drivers like Dan to control the vehicles remotely from a purpose-built station equipped with a driver’s seat, steering wheel, pedals, and three monitors providing visibility in front of the car and to its side. https://www.wired.com/story/a-sneaky-shortcut-to-driverless-cars ------------------------------ Date: Wed, 18 Oct 2023 13:41:31 +0000 From: Chris Volpe <cvolpe () ara com> Subject: Re: Autonomous Vehicles Are Driving Blind (NYTimes) For all the ballyhoo over the possibility of artificial intelligence threatening humanity someday, there's remarkably little discussion of the ways it is threatening humanity right now. When it comes to self-driving cars, we are driving blind. That's because with self-driving cars, as the technology improves, the threat is mitigated, whereas with other forms of AI (deep fakes, large language models, etc.), as the technology improves, the threat is exacerbated. ------------------------------ Date: Sun, 15 Oct 2023 17:35:26 +0300 From: Amos Shapir <amos083 () gmail com> Subject: Re: False news spreads faster than the truth (RISKS-33.88) Martin Ward writes (quoting Alvin Plantinga's "evolutionary argument against naturalism"): "Therefore, to assert that naturalistic evolution is true also asserts that one has a low or unknown probability of being right. Therefore, naturalism is self-defeating." The main flaw of Patinga's argument is of course that naturalistic evolution is not an idea or an opinion, but a scientific theory. Therefore, its veracity does not depend on a theoretical "probability of being right", but on hard evidence, attained through observation and experimentation. ------------------------------ Date: 12 Oct 2023 16:57:20 -0400 From: "John Levine" <johnl () iecc com> Subject: Re: Vermont Utility Plans to End Outages by Giving Customers Batteries (Baker, RISKS-33.89)
Terrific idea! How come it's taken this long for a utility to utilize the advantages of a *distributed* power system to reduce the need for long-distance power transmission?
Financial incentives, perverse state regulators, and the lack of cost-effective batteries until recently.
I'm still waiting for one of the cellphone companies to start paying homeowners to put nano cellsites on their roofs in order to avoid having to build stand-alone cellsites/towers.
Using what for backhaul? Every cableco I know forbids reselling your connection. Also, femtocells have very limited power and are only supposed to be used indoors because they can interfere with real cell towers. The real towers are designed by engineers and have licenses so they provide useful coverage and manage interference between cells. ------------------------------ Date: Sat, 1 Jul 2023 11:11:11 -0800 From: RISKS-request () csl sri com Subject: Abridged info on RISKS (comp.risks) The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is comp.risks, the feed for which is donated by panix.com as of June 2011. => SUBSCRIPTIONS: The mailman Web interface can be used directly to subscribe and unsubscribe: http://mls.csl.sri.com/mailman/listinfo/risks => SUBMISSIONS: to risks () CSL sri com with meaningful SUBJECT: line that includes the string `notsp'. Otherwise your message may not be read. *** This attention-string has never changed, but might if spammers use it. => SPAM challenge-responses will not be honored. Instead, use an alternative address from which you never send mail where the address becomes public! => The complete INFO file (submissions, default disclaimers, archive sites, copyright policy, etc.) has moved to the ftp.sri.com site: <risksinfo.html>. *** Contributors are assumed to have read the full info file for guidelines! => OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's searchable html archive at newcastle: http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue. Also, ftp://ftp.sri.com/risks for the current volume/previous directories or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume If none of those work for you, the most recent issue is always at http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-33.00 ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001) *** NOTE: If a cited URL fails, we do not try to update them. Try browsing on the keywords in the subject line or cited article leads. Apologies for what Office365 and SafeLinks may have done to URLs. ==> Special Offer to Join ACM for readers of the ACM RISKS Forum: <http://www.acm.org/joinacm1> ------------------------------ End of RISKS-FORUM Digest 33.90 ************************
Current thread:
- Risks Digest 33.90 RISKS List Owner (Oct 19)