What Proroguing UK Parliament means for Brexit – UK Parliament Suspension

Source: https://edition.cnn.com/2019/08/28/uk/uk-parliament-suspension-what-it-means-for-brexit-gbr-intl/index.html


The combination of repressive regimes with IT monopolies endows those regimes with a built-in advantage over open societies

Source: https://www.wired.com/story/mortal-danger-chinas-push-into-ai/

Governments and companies worldwide are investing heavily in artificial intelligence in hopes of new profits, smarter gadgets, and better health care. Financier and philanthropist George Soros told the World Economic Forum in Davos Thursday that the technology may also undermine free societies and create a new era of authoritarianism.

“I want to call attention to the mortal danger facing open societies from the instruments of control that machine learning and artificial intelligence can put in the hands of repressive regimes,” Soros said. He made an example of China, repeatedly calling out the country’s president, Xi Jinping.

China’s government issued a broad AI strategy in 2017, asserting that it would surpass US prowess in the technology by 2030. As in the US, much of the leading work on AI in China takes place inside a handful of large tech companies, such as search engine Baidu and retailer and payments company Alibaba.

Soros argued that AI-centric tech companies like those can become enablers of authoritarianism. He pointed to China’s developing “social credit” system, aimed at tracking citizens’ reputations by logging financial activity, online interactions, and even energy use, among other things. The system is still taking shape, but depends on data and cooperation from companies like payments firm Ant Financial, a spinout of Alibaba. “The social credit system, if it became operational, would give Xi Jinping total control over the people,” Soros said.

Soros argued that synergy like that between corporate and government AI projects creates a more potent threat than was posed by Cold War–era autocrats, many of whom spurned corporate innovation. “The combination of repressive regimes with IT monopolies endows those regimes with a built-in advantage over open societies,” Soros said. “They pose a mortal threat to open societies.”

Soros is far from the first to raise an alarm about the dangers of AI technology. It’s a favorite topic of Elon Musk, and last year Henry Kissinger called for a US government commission to examine the technology’s risks. Google cofounder Sergey Brin warned in Alphabet’s most recent annual shareholder letter that AI technology had downsides, including the potential to manipulate people. Canada and France plan to establish an intergovernmental group to study how AI changes societies.

The financier attempted to draft Donald Trump into his AI vigilance campaign. He advised the president to be tougher on Chinese telecoms manufacturers ZTE and Huawei, to prevent them from dominating the high-bandwidth 5G mobile networks being built around the world. Both companies are already reeling from sanctions by the US and other governments.

Soros also urged the well-heeled attendees of Davos to help forge international mechanisms to prevent AI-enhanced authoritarianism—and that could both include and contain China. He asked them to imagine a technologically oriented version of the treaty signed after World War II that underpins the United Nations, binding countries into common standards for human rights and freedoms.

Here is the text of Soros’s speech:

I want to use my time tonight to warn the world about an unprecedented danger that’s threatening the very survival of open societies.

Last year when I stood before you I spent most of my time analyzing the nefarious role of the IT monopolies. This is what I said: “An alliance is emerging between authoritarian states and the large data rich IT monopolies that bring together nascent systems of corporate surveillance with an already developing system of state sponsored surveillance. This may well result in a web of totalitarian control the likes of which not even George Orwell could have imagined.”

Tonight I want to call attention to the mortal danger facing open societies from the instruments of control that machine learning and artificial intelligence can put in the hands of repressive regimes. I’ll focus on China, where Xi Jinping wants a one-party state to reign supreme.

A lot of things have happened since last year and I’ve learned a lot about the shape that totalitarian control is going to take in China.

All the rapidly expanding information available about a person is going to be consolidated in a centralized database to create a “social credit system.” Based on that data, people will be evaluated by algorithms that will determine whether they pose a threat to the one-party state. People will then be treated accordingly.

The social credit system is not yet fully operational, but it’s clear where it’s heading. It will subordinate the fate of the individual to the interests of the one-party state in ways unprecedented in history.

I find the social credit system frightening and abhorrent. Unfortunately, some Chinese find it rather attractive because it provides information and services that aren’t currently available and can also protect law-abiding citizens against enemies of the state.

China isn’t the only authoritarian regime in the world, but it’s undoubtedly the wealthiest, strongest and most developed in machine learning and artificial intelligence. This makes Xi Jinping the most dangerous opponent of those who believe in the concept of open society. But Xi isn’t alone. Authoritarian regimes are proliferating all over the world and if they succeed, they will become totalitarian.

As the founder of the Open Society Foundations, I’ve devoted my life to fighting totalizing, extremist ideologies, which falsely claim that the ends justify the means. I believe that the desire of people for freedom can’t be repressed forever. But I also recognize that open societies are profoundly endangered at present.

What I find particularly disturbing is that the instruments of control developed by artificial intelligence give an inherent advantage to authoritarian regimes over open societies. For them, instruments of control provide a useful tool; for open societies, they pose a mortal threat.

I use “open society” as shorthand for a society in which the rule of law prevails as opposed to rule by a single individual and where the role of the state is to protect human rights and individual freedom. In my personal view, an open society should pay special attention to those who suffer from discrimination or social exclusion and those who can’t defend themselves.

By contrast, authoritarian regimes use whatever instruments of control they possess to maintain themselves in power at the expense of those whom they exploit and suppress.

How can open societies be protected if these new technologies give authoritarian regimes a built-in advantage? That’s the question that preoccupies me. And it should also preoccupy all those who prefer to live in an open society.

Open societies need to regulate companies that produce instruments of control, while authoritarian regimes can declare them “national champions.” That’s what has enabled some Chinese state-owned companies to catch up with and even surpass the multinational giants.

This, of course, isn’t the only problem that should concern us today. For instance, man-made climate change threatens the very survival of our civilization. But the structural disadvantage that confronts open societies is a problem which has preoccupied me and I’d like to share with you my ideas on how to deal with it.

My deep concern for this issue arises out of my personal history. I was born in Hungary in 1930 and I’m Jewish. I was 13 years old when the Nazis occupied Hungary and started deporting Jews to extermination camps.

I was very fortunate because my father understood the nature of the Nazi regime and arranged false identity papers and hiding places for all members of his family, and for a number of other Jews as well. Most of us survived.

The year 1944 was the formative experience of my life. I learned at an early age how important it is what kind of political regime prevails. When the Nazi regime was replaced by Soviet occupation I left Hungary as soon as I could and found refuge in England.

At the London School of Economics I developed my conceptual framework under the influence of my mentor, Karl Popper. That framework proved to be unexpectedly useful when I found myself a job in the financial markets. The framework had nothing to do with finance, but it is based on critical thinking. This allowed me to analyze the deficiencies of the prevailing theories guiding institutional investors. I became a successful hedge fund manager and I prided myself on being the best paid critic in the world.

Running a hedge fund was very stressful. When I had made more money than I needed for myself or my family, I underwent a kind of midlife crisis. Why should I kill myself to make more money? I reflected long and hard on what I really cared about and in 1979 I set up the Open Society Fund. I defined its objectives as helping to open up closed societies, reducing the deficiencies of open societies and promoting critical thinking.

My first efforts were directed at undermining the apartheid system in South Africa. Then I turned my attention to opening up the Soviet system. I set up a joint venture with the Hungarian Academy of Science, which was under Communist control, but its representatives secretly sympathized with my efforts. This arrangement succeeded beyond my wildest dreams. I got hooked on what I like to call “political philanthropy.” That was in 1984.

In the years that followed, I tried to replicate my success in Hungary and in other Communist countries. I did rather well in the Soviet empire, including the Soviet Union itself, but in China it was a different story.

My first effort in China looked rather promising. It involved an exchange of visits between Hungarian economists who were greatly admired in the Communist world, and a team from a newly established Chinese think tank which was eager to learn from the Hungarians.

Based on that initial success, I proposed to Chen Yizi, the leader of the think tank, to replicate the Hungarian model in China. Chen obtained the support of Premier Zhao Ziyang and his reform-minded policy secretary Bao Tong.

A joint venture called the China Fund was inaugurated in October 1986. It was an institution unlike any other in China. On paper, it had complete autonomy.

Bao Tong was its champion. But the opponents of radical reforms, who were numerous, banded together to attack him. They claimed that I was a CIA agent and asked the internal security agency to investigate. To protect himself, Zhao Ziyang replaced Chen Yizi with a high-ranking official in the external security police. The two organizations were co-equal and they couldn’t interfere in each other’s affairs.

I approved this change because I was annoyed with Chen Yizi for awarding too many grants to members of his own institute and I was unaware of the political infighting behind the scenes. But applicants to the China Fund soon noticed that the organization had come under the control of the political police and started to stay away. Nobody had the courage to explain to me the reason for it.

Eventually, a Chinese grantee visited me in New York and told me the reason, at considerable risk to himself. Soon thereafter, Zhao Ziyang was removed from power and I used that excuse to close the foundation. This happened just before the Tiananmen Square massacre in 1989 and it left a “black spot” on the record of the people associated with the foundation. They went to great lengths to clear their names and eventually they succeeded.

In retrospect, it’s clear that I made a mistake in trying to establish a foundation which operated in ways that were alien to people in China. At that time, giving a grant created a sense of mutual obligation between the donor and recipient and obliged both of them to remain loyal to each other forever.

So much for history. Let me now turn to the events that occurred in the last year, some of which surprised me.

When I first started going to China, I met many people in positions of power who were fervent believers in the principles of open society. In their youth they had been deported to the countryside to be re-educated, often suffering hardships far greater than mine in Hungary. But they survived and we had much in common. We had all been on the receiving end of a dictatorship.

They were eager to learn about Karl Popper’s thoughts on the open society. While they found the concept very appealing, their interpretation remained somewhat different from mine. They were familiar with Confucian tradition, but there was no tradition of voting in China. Their thinking remained hierarchical and carried a built-in respect for high office. I, on the other hand, was more egalitarian and wanted everyone to have a vote.

So, I wasn’t surprised when Xi Jinping ran into serious opposition at home; but I was surprised by the form it took. At last summer’s leadership convocation at the seaside resort of Beidaihe, Xi Jinping was apparently taken down a peg or two. Although there was no official communique, rumor had it that the convocation disapproved of the abolition of term limits and the cult of personality that Xi had built around himself.

It’s important to realize that such criticisms were only a warning to Xi about his excesses, but did not reverse the lifting of the two-term limit. Moreover, “The Thought of Xi Jinping,” which he promoted as his distillation of Communist theory, was elevated to the same level as the “Thought of Chairman Mao.” So Xi remains the supreme leader, possibly for life. The ultimate outcome of the current political infighting remains unresolved.

I’ve been concentrating on China, but open societies have many more enemies, Putin’s Russia foremost among them. And the most dangerous scenario is when these enemies conspire with, and learn from, each other on how to better oppress their people.

The question poses itself, what can we do to stop them?

The first step is to recognize the danger. That’s why I’m speaking out tonight. But now comes the difficult part. Those of us who want to preserve the open society must work together and form an effective alliance. We have a task that can’t be left to governments.

History has shown that even governments that want to protect individual freedom have many other interests and they also give precedence to the freedom of their own citizens over the freedom of the individual as a general principle.

My Open Society Foundations are dedicated to protecting human rights, especially for those who don’t have a government defending them. When we started four decades ago there were many governments which supported our efforts but their ranks have thinned out. The US and Europe were our strongest allies, but now they’re preoccupied with their own problems.

Therefore, I want to focus on what I consider the most important question for open societies: what will happen in China?

The question can be answered only by the Chinese people. All we can do is to draw a sharp distinction between them and Xi Jinping. Since Xi has declared his hostility to open society, the Chinese people remain our main source of hope.

And there are, in fact, grounds for hope. As some China experts have explained to me, there is a Confucian tradition according to which advisors of the emperor are expected to speak out when they strongly disagree with one of his actions or decrees, even if that may result in exile or execution.

This came as a great relief to me because I had been on the verge of despair. The committed defenders of open society in China, who are around my age, have mostly retired and their places have been taken by younger people who are dependent on Xi Jinping for promotion. But a new political elite has emerged that is willing to uphold the Confucian tradition. This means that Xi will continue to have a political opposition at home.

Xi presents China as a role model for other countries to emulate, but he’s facing criticism not only at home but also abroad. His Belt and Road Initiative has been in operation long enough to reveal its deficiencies.

It was designed to promote the interests of China, not the interests of the recipient countries; its ambitious infrastructure projects were mainly financed by loans, not by grants, and foreign officials were often bribed to accept them. Many of these projects proved to be uneconomic.

The iconic case is in Sri Lanka, where China built a port that serves its strategic interests. The port failed to attract sufficient commercial traffic to service the debt, enabling China to take possession of it. There are several similar cases elsewhere and they’re causing widespread resentment.

Malaysia is leading the pushback. The previous government headed by Najib Razak sold out to China, but in May 2018 Razak was voted out of office by a coalition led by Mahathir Mohamad. Mahathir immediately stopped several big infrastructure projects and is currently negotiating with China over how much compensation Malaysia will still have to pay.

The situation is not as clear-cut in Pakistan, which has been the largest recipient of Chinese investments. The Pakistani army is fully beholden to China, but the position of Imran Khan, who became prime minister last August, is more ambivalent. At the beginning of 2018, China and Pakistan announced grandiose plans for military cooperation. By the end of the year, Pakistan was in a deep financial crisis. But one thing became evident: China intends to use the Belt and Road Initiative for military purposes as well.

All these setbacks have forced Xi Jinping to modify his attitude toward the Belt and Road Initiative. In September, he announced that “vanity projects” will be shunned in favor of more carefully conceived initiatives and in October, the People’s Daily warned that projects should serve the interests of the recipient countries.

Customers are now forewarned and several of them, ranging from Sierra Leone to Ecuador, are questioning or renegotiating projects.

Most importantly, the US government has now identified China as a “strategic rival.” President Trump is notoriously unpredictable, but this decision was the result of a carefully prepared plan. Since then, Trump’s idiosyncratic behavior has been largely superseded by a China policy adopted by the agencies of the administration and overseen by the National Security Council’s Asian affairs advisor, Matt Pottinger, and others. The policy was outlined in a seminal speech by Vice President Mike Pence on October 4th.

Even so, declaring China a strategic rival is too simplistic. China is an important global actor. An effective policy towards China can’t be reduced to a slogan.

It needs to be far more sophisticated, detailed and practical; and it must include an American economic response to the Belt and Road Initiative. The Pottinger plan doesn’t answer the question of whether its ultimate goal is to level the playing field or to disengage from China altogether.

Xi Jinping fully understood the threat that the new US policy posed for his leadership. He gambled on a personal meeting with President Trump at the G20 meeting in Buenos Aires. In the meantime, the danger of a global trade war escalated and the stock market embarked on a serious sell-off in December. This created problems for Trump, who had concentrated all his efforts on the 2018 midterm elections. When Trump and Xi met, both sides were eager for a deal. No wonder that they reached one, but it’s very inconclusive: a ninety-day truce.

In the meantime, there are clear indications that a broad based economic decline is in the making in China, which is affecting the rest of the world. A global slowdown is the last thing the market wants to see.

The unspoken social contract in China is built on steadily rising living standards. If the decline in the Chinese economy and stock market is severe enough, this social contract may be undermined and even the business community may turn against Xi Jinping. Such a downturn could also sound the death knell of the Belt and Road Initiative, because Xi may run out of resources to continue financing so many lossmaking investments.

On the question of global internet governance, there’s an undeclared struggle between the West and China. China wants to dictate the rules and procedures that govern the digital economy by dominating the developing world with its new platforms and technologies. This is a threat to the freedom of the Internet and, indirectly, to open society itself.

Last year I still believed that China ought to be more deeply embedded in the institutions of global governance, but since then Xi Jinping’s behavior has changed my opinion. My present view is that instead of waging a trade war with practically the whole world, the US should focus on China. Instead of letting ZTE and Huawei off lightly, it needs to crack down on them. If these companies came to dominate the 5G market, they would present an unacceptable security risk for the rest of the world.

Regrettably, President Trump seems to be following a different course: make concessions to China and declare victory while renewing his attacks on US allies. This is liable to undermine the US policy objective of curbing China’s abuses and excesses.

To conclude, let me summarize the message I’m delivering tonight. My key point is that the combination of repressive regimes with IT monopolies endows those regimes with a built-in advantage over open societies. The instruments of control are useful tools in the hands of authoritarian regimes, but they pose a mortal threat to open societies.

China is not the only authoritarian regime in the world but it is the wealthiest, strongest and technologically most advanced. This makes Xi Jinping the most dangerous opponent of open societies. That’s why it’s so important to distinguish Xi Jinping’s policies from the aspirations of the Chinese people. The social credit system, if it became operational, would give Xi total control over the people. Since Xi is the most dangerous enemy of the open society, we must pin our hopes on the Chinese people, and especially on the business community and a political elite willing to uphold the Confucian tradition.

This doesn’t mean that those of us who believe in the open society should remain passive. The reality is that we are in a Cold War that threatens to turn into a hot one. On the other hand, if Xi and Trump were no longer in power, an opportunity would present itself to develop greater cooperation between the two cyber-superpowers.

It is possible to dream of something similar to the United Nations Treaty that arose out of the Second World War. This would be the appropriate ending to the current cycle of conflict between the US and China. It would reestablish international cooperation and allow open societies to flourish. That sums up my message.

Facebook knows so much about its users that it can link their accounts, even when created under different names, from different devices.

Source: https://www.wired.com/story/instagram-unlink-account-wont-unlink-facebook/

The settings on Instagram include a page devoted to the “Linked Accounts” feature. As you might expect, it displays … your linked accounts. Users have the option to connect to Twitter, Tumblr, and, of course, Instagram’s parent company, Facebook, among others.

At first glance, the feature appears pretty straightforward—apps that aren’t linked are shown in gray, linked apps appear in color. When it comes to Facebook, however, the feature may be misleading.

Like other platforms shown under the “Linked Accounts” menu on Instagram, the option to link your Facebook profile is ostensibly disabled by default. Users must tap the app’s grayed out logo and sign in before Instagram displays the two as connected. Once two profiles are connected, an option to “Unlink Account” appears in Instagram settings. Clicking there brings up a warning: “Unlinking makes it harder to get access to your Instagram account if you get locked out.”

Common sense suggests that if you unlink a Facebook account from your Instagram profile, you’ve unlinked that Facebook account from your Instagram profile. But like many things Facebook, common sense does not exactly apply here. Clicking Unlink Account does not actually unlink a Facebook account from Instagram, a Facebook spokesperson told WIRED, because it isn’t possible to separate the two. Even if a user never explicitly linked their Facebook and Instagram profiles, they are intrinsically connected—Finstagrams be damned—and will continue to be, regardless of how many times you mash “Unlink Account.”

That’s because the wealth of data that Facebook collects through its multiple services is more than enough to properly identify users’ various accounts and link them to one another. Even in cases where a different name, email address, or device was used to create each account—be it a throwaway WhatsApp profile, stalker Instagram account, or joke Facebook profile—Facebook often is able to suss out who is actually behind the account and whether they have accounts on other Facebook-owned apps.

“Because Facebook and Instagram share infrastructure, systems and technology, we connect information about your activities across our services based on a variety of signals,” a Facebook spokesperson told WIRED. “Linking or unlinking your accounts in the app doesn’t affect this.”
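Facebook hasn’t said exactly how this matching works, but the generic technique is record linkage: treat any shared hard identifier (a device ID, an email address, a phone number) as evidence that two accounts belong to the same person, and merge the groups. A minimal sketch in Python, with all account names and signals invented for illustration – not Facebook’s actual algorithm:

    # Hypothetical record linkage: group accounts sharing any hard signal.
    from collections import defaultdict

    accounts = {
        "insta_finsta42": {"device:abc123", "email:jo@example.com"},
        "fb_jo.smith":    {"device:abc123", "phone:+15550100"},
        "whatsapp_jo":    {"phone:+15550100"},
        "insta_dogpics":  {"device:zzz999"},
    }

    # Union-find over accounts
    parent = {a: a for a in accounts}
    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x
    def union(a, b):
        parent[find(a)] = find(b)

    by_signal = defaultdict(list)
    for acct, signals in accounts.items():
        for s in signals:
            by_signal[s].append(acct)
    for accts in by_signal.values():
        for other in accts[1:]:
            union(accts[0], other)

    groups = defaultdict(list)
    for a in accounts:
        groups[find(a)].append(a)
    print(list(groups.values()))
    # e.g. [['insta_finsta42', 'fb_jo.smith', 'whatsapp_jo'], ['insta_dogpics']]

With dozens of signals per account, clusters like these collapse quickly, which is why no amount of mashing “Unlink Account” changes what happens underneath.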

The disclosure comes as Facebook moves to integrate previously independent apps such as Instagram and WhatsApp. Messenger, Instagram, and WhatsApp are being combined into one mega-chat app (problematic enough on its own), while Instagram and WhatsApp have been rechristened as “Instagram from Facebook” and “WhatsApp from Facebook.”

But even as the apps are being woven more tightly together, they’re not all equal in the minds of Facebook executives. The Linked Accounts feature on Instagram appears designed to funnel traffic to Facebook, where user growth has flatlined, as Instagram’s growth continues apace. Meanwhile, Facebook last year made a contentious decision to stop funneling traffic to Instagram.

The spokesperson said Facebook began linking accounts behind the scenes based on data it had gathered about users shortly after it acquired Instagram in 2012. The spokesperson said that Facebook collects and connects this information about users’ activities in order to give users a “personalized experience” across all of the apps under the company’s umbrella, like more precisely targeted ads or in-app recommendations based on an amalgamation of the user’s cross-platform activities.

For users who thought they could keep various accounts separate, the realities of this “personalized experience” can prove frustrating. The spokesperson noted that Facebook could use this data to suggest that a user join a Facebook group that includes people that they follow on Instagram or chat with over Messenger. That could pose privacy concerns for users who want their activity on an unlinked Instagram account isolated from their prime Facebook profile.

The connections among these accounts pose additional challenges on the back end. Some users who set out to create Finstagrams complain that they’ve found their new accounts linked to their prime Facebook profiles, resulting in all of their friends, half-acquaintances, and distant relatives receiving a notification to follow their supposedly private Finsta.

Six Instagram users queried by WIRED said that, though they either did not recall ever linking their Facebook and Instagram accounts or explicitly unlinked the two, they are still served notifications that can only be dismissed by clicking the “Open Facebook” button inside the Instagram app. Despite the fact that their accounts are not explicitly linked, clicking the button brings them to either the Facebook app or a logged-in mobile web version of the site.

Asked about the issue, a Facebook spokesperson at first said it was a bug, then later described it as a feature. Regardless of whether an Instagram user has elected to link their Facebook profile, so long as they have an account, the company has linked the two internally, and tapping “Open Facebook” in Instagram will take them to the associated account, the spokesperson said. “It’s just one of the ways that we can help people to understand that Facebook is there,” the spokesperson said.

All users will likely see a notification bubble in Instagram which can only be dismissed by clicking Open Facebook. However, the number of notifications served to users who haven’t linked their Facebook accounts will effectively be made up.

“With an unlinked account … it’s not an accurate representation of what your actual number of Facebook notifications are,” the spokesperson explained. Tapping the Open Facebook button, the spokesperson said, “will again either open the app if you have it or just open you onto the web page.”

The Facebook spokesperson says the company began testing the Open Facebook feature in June 2018 and introduced it to some users in August 2018. The spokesperson wasn’t sure whether the Open Facebook feature was currently the default for all users, or whether it was still being rolled out to all users.

Steve Rymell, Head of Technology at Airbus CyberSecurity, answers: What Should Frighten Us About AI-Based Malware?

Of all the cybersecurity industry’s problems, one of the most striking is the way attackers are often able to stay one step ahead of defenders without working terribly hard. It’s an issue whose root causes are mostly technical: the prime example is software vulnerabilities, which cyber-criminals have a habit of finding out about before vendors and their customers do, leading to the almost undefendable zero-day phenomenon that has propelled many famous cyber-attacks.

A second is that organizations struggling with the complexity of unfamiliar and new technologies make mistakes, inadvertently leaving vulnerable ports and services exposed. Starkest of all, perhaps, is the way techniques, tools, and infrastructure set up to help organizations defend themselves (Shodan, for example, but also numerous pen-test tools) are now just as likely to be turned against businesses by attackers who tear into networks with the aggression of red teams gone rogue.

Add to this the polymorphic nature of modern malware, and attackers can appear so conceptually unstoppable that it’s no wonder security vendors increasingly emphasize the need not simply to block attacks but to respond to them as quickly as possible.

The AI fightback
Some years back, a wave of mostly US-based start-ups mounted a bit of a counter-attack against the doom and gloom with a brave new idea – security powered by machine learning (ML) algorithms. In an age of big data, this makes complete sense, and the idea has since been taken up by all manner of systems used for anti-spam, malware detection, threat analysis and intelligence, and Security Operations Centre (SOC) automation, where it has been proposed as a way to patch skills shortages.

I’d rate these as useful advances, but there’s no getting away from the controversial nature of the theory, which has been branded by some as the ultimate example of technology as a ‘black box’ nobody really understands. How do we know that machine learning is able to detect new and unknown types of attack that conventional systems fail to spot? In some cases, it could be because the product brochure says so.

Then the even bigger gotcha hits you – what’s stopping attackers from outfoxing defensive ML with even better ML of their own? If this were possible, even some of the time, the industry would find itself back at square one.

This is pure speculation, of course, because to date nobody has detected AI being used in a cyber-attack, which is why our understanding of how it might work remains largely based around academic research such as IBM’s proof-of-concept DeepLocker malware project.

What might malicious ML look like?
It would be unwise to ignore the potential for trouble. One of the biggest hurdles faced by attackers is quickly understanding what works, for example when sending spam, phishing and, increasingly, political disinformation.

It’s not hard to imagine that big data techniques allied to ML could hugely improve the efficiency of these threats by analyzing how targets react to and share them in real time. This implies the possibility that such campaigns might one day evolve in a matter of hours or minutes, a timescale defenders would struggle to counter using today’s technologies.

A second scenario is one that defenders would never see: that cyber-criminals might simulate the defenses of a target using their own ML to gauge the success of different attacks (a technique already routinely used to evade anti-virus). Once again, this exploits the advantage that attackers always have sight of the target, while defenders must rely on good guesses.

Or perhaps ML could simply be used to crank out far vaster quantities of new and unique malware than is possible today. Whichever of these approaches is taken – and this is only a sample of the possibilities – it jumps out at you how awkward it would be to defend against even relatively simple ML-based attacks. About the only consolation is that if ML-based AI really is a black box that nobody understands then, logically, the attackers won’t understand it either and will waste time experimenting.

Unintended consequences
If we should fear anything it’s precisely this black box effect. There are two parts to this, the biggest of which is the potential for ML-based malware to cause something unintended to happen, especially when targeting critical infrastructure.

This phenomenon has already come to pass with non-AI malware – Stuxnet in 2010 and NotPetya in 2017 are the obvious examples – both of which infected thousands of organizations not on their original target list after unexpectedly ‘escaping’ into the wild.

When it comes to powerful malware exploiting multiple zero days there’s no such thing as a reliably contained attack. Once released, this kind of malware remains pathogenically dangerous until every system it can infect is patched or taken offline, which might be years or decades down the line.

Another anxiety is that, because the expertise needed to understand ML is still thin on the ground, there’s a danger that engineers could come to rely on it without fully understanding its limitations, both in defense and by over-estimating its usefulness in attack. The mistake, then, might be that too many organizations over-invest in it on the strength of marketing promises, consuming resources better deployed elsewhere. Once a more realistic assessment takes hold, ML could end up as just another tool that is good at solving certain very specific problems.

Conclusion
My contradictory-sounding conclusion is that perhaps ML and AI make no fundamental difference at all. It’s just another stop on a journey computer security has been making since the beginning of digital time. The problem is overcoming our preconceptions about what it is and what it means. Chiefly, we must overcome the tendency to think of ML and AI as mysteriously ‘other’ because we don’t understand them and therefore find it difficult to process the concept of machines making complex decisions.

It’s not as if attackers aren’t breaching networks already with today’s pre-ML technology or that well-prepared defenders aren’t regularly stopping them using the same technology. What AI reminds us is that the real difference is how organizations are defended, not whether they or their attackers use ML and AI or not. That has always been what separates survivors from victims. Cybersecurity remains a working demonstration of how the devil takes the hindmost.

Source: https://www.infosecurity-magazine.com/opinions/frighten-ai-malware-1/

Do you know who your iPhone is talking to?


Source: https://www.washingtonpost.com/technology/2019/05/28/its-middle-night-do-you-know-who-your-iphone-is-talking/?noredirect=on

Yet these days, we spend more time in apps. Apple is strict about requiring apps to get permission to access certain parts of the iPhone, including your camera, microphone, location, health information, photos and contacts. (You can check and change those permissions under privacy settings.) But Apple turns more of a blind eye to what apps do with data we provide them or they generate about us — witness the sorts of tracking I found by looking under the covers for a few days.

“For the data and services that apps create on their own, our App Store Guidelines require developers to have clearly posted privacy policies and to ask users for permission to collect data before doing so. When we learn that apps have not followed our Guidelines in these areas, we either make apps change their practice or keep those apps from being on the store,” Apple says.

Yet very few apps I found using third-party trackers disclosed the names of those companies or how they protect my data. And what good is burying this information in privacy policies, anyway? What we need is accountability.

Getting more deeply involved in app data practices is complicated for Apple. Today’s technology frequently is built on third-party services, so Apple couldn’t simply ban all connections to outside servers. And some companies are so big they don’t even need the help of outsiders to track us.

The result shouldn’t be to increase Apple’s power. “I would like to make sure they’re not stifling innovation,” says Andrés Arrieta, the director of consumer privacy engineering at the Electronic Frontier Foundation. If Apple becomes the Internet’s privacy police, it could shut down rivals.

Patrick Jackson, chief technology officer of the privacy firm Disconnect, which makes the Privacy Pro app, suggests Apple could also add controls into iOS like the ones built into Privacy Pro to give everyone more visibility.

Or perhaps Apple could require apps to label when they’re using third-party trackers. If I opened the DoorDash app and saw nine tracker notices, it might make me think twice about using it.

I don’t mind letting your trackers see my private data as long as I get something useful in exchange.

Forget privacy: you’re terrible at targeting anyway

I don’t mind letting your programs see my private data as long as I get something useful in exchange. But that’s not what happens.

A former co-worker once told me: “Everyone loves collecting data, but nobody loves analyzing it later.” The claim is almost shocking, but people who have been involved in data collection and analysis have all seen it. It starts with a brilliant idea: we’ll collect information about every click someone makes on every page in our app! And we’ll track how long they hesitate over a particular choice! And how often they use the back button! How many seconds they watch our intro video before they abort! How many times they reshare our social media post!

And then they do track all that. Tracking it all is easy. Add some log events, dump them into a database, off we go.
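The collection half really is that easy. A minimal sketch with SQLite – table, event, and field names invented:

    # The "collect" half of analytics: log events, dump them in a database.
    import json, sqlite3, time

    db = sqlite3.connect("events.db")
    db.execute("""CREATE TABLE IF NOT EXISTS events
                  (ts REAL, user_id TEXT, name TEXT, props TEXT)""")

    def log_event(user_id, name, **props):
        db.execute("INSERT INTO events VALUES (?, ?, ?, ?)",
                   (time.time(), user_id, name, json.dumps(props)))
        db.commit()

    log_event("u123", "click", page="/pricing", button="buy")
    log_event("u123", "video_abort", seconds_watched=4.2)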

But then what? Well, after that, we have to analyze it. And as someone who has analyzed a lot of data about various things, let me tell you: being a data analyst is difficult and mostly unrewarding (except financially).

See, the problem is there’s almost no way to know if you’re right. (It’s also not clear what the definition of “right” is, which I’ll get to in a bit.) There are almost never any easy conclusions, just hard ones, and the hard ones are error-prone. What analysts don’t talk about is how many incorrect charts (and therefore conclusions) get made on the way to making correct ones. Or ones we think are correct. A good chart is so incredibly persuasive that it almost doesn’t even matter if it’s right, as long as what you want is to persuade someone… which is probably why newspapers, magazines, and lobbyists publish so many misleading charts.

But let’s leave errors aside for the moment. Let’s assume, very unrealistically, that we as a profession are good at analyzing things. What then?

Well, then, let’s get rich on targeted ads and personalized recommendation algorithms. It’s what everyone else does!

Or do they?

The state of personalized recommendations is surprisingly terrible. At this point, the top recommendation is always a clickbait rage-creating article about movie stars or whatever Trump did or didn’t do in the last 6 hours. Or if not an article, then a video or documentary. That’s not what I want to read or to watch, but I sometimes get sucked in anyway, and then it’s recommendation apocalypse time, because the algorithm now thinks I like reading about Trump, and now everything is Trump. Never give positive feedback to an AI.

This is, by the way, the dirty secret of the machine learning movement: almost everything produced by ML could have been produced, more cheaply, using a very dumb heuristic you coded up by hand, because mostly the ML is trained by feeding it examples of what humans did while following a very dumb heuristic. There’s no magic here. If you use ML to teach a computer how to sort through resumes, it will recommend you interview people with male, white-sounding names, because it turns out that’s what your HR department already does. If you ask it what video a person like you wants to see next, it will recommend some political propaganda crap, because 50% of the time 90% of the people do watch that next, because they can’t help themselves, and that’s a pretty good success rate.
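To make the point concrete, here is the kind of dumb heuristic an ML recommender often ends up re-learning at great expense – recommend whatever most people watched next (viewing data invented):

    # Dumb heuristic: recommend the most common "next video".
    from collections import Counter, defaultdict

    history = [("cat_video", "outrage_rant"), ("cat_video", "outrage_rant"),
               ("cat_video", "cooking_show"), ("cooking_show", "outrage_rant")]

    next_counts = defaultdict(Counter)
    for current, nxt in history:
        next_counts[current][nxt] += 1

    def recommend(current):
        return next_counts[current].most_common(1)[0][0]

    print(recommend("cat_video"))  # outrage_rant, of course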

(Side note: there really are some excellent uses of ML out there, for things traditional algorithms are bad at, like image processing or winning at strategy games. That’s wonderful, but chances are good that your pet ML application is an expensive replacement for a dumb heuristic.)

Someone who works on web search once told me that they already have an algorithm that guarantees the maximum click-through rate for any web search: just return a page full of porn links. (Someone else said you can reverse this to make a porn detector: any link which has a high click-through rate, regardless of which query it’s answering, is probably porn.)
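As a sketch, the reversed heuristic takes only a few lines: a link with a high click-through rate across many unrelated queries has suspiciously universal appeal (logs invented):

    # Porn detector from click-through rates, per the anecdote above.
    from collections import defaultdict

    logs = [("tax forms", "spicy.example", True),   # (query, link, clicked)
            ("tax forms", "irs.gov", True),
            ("gardening", "spicy.example", True),
            ("gardening", "rhs.org.uk", False),
            ("chess openings", "spicy.example", True)]

    shown, clicked, queries = defaultdict(int), defaultdict(int), defaultdict(set)
    for query, link, was_clicked in logs:
        shown[link] += 1
        clicked[link] += was_clicked
        queries[link].add(query)

    for link in shown:
        if clicked[link] / shown[link] > 0.9 and len(queries[link]) >= 3:
            print(link, "is probably porn")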

Now, the thing is, legitimate-seeming businesses can’t just give you porn links all the time, because that’s Not Safe For Work, so the job of most modern recommendation algorithms is to return the closest thing to porn that is still Safe For Work. In other words, celebrities (ideally attractive ones, or at least controversial ones), or politics, or both. They walk that line as closely as they can, because that’s the local maximum for their profitability. Sometimes they accidentally cross that line, and then have to apologize or pay a token fine, and then go back to what they were doing.

This makes me sad, but okay, it’s just math. And maybe human nature. And maybe capitalism. Whatever. I might not like it, but I understand it.

My complaint is that none of the above had anything to do with hoarding my personal information.

The hottest recommendations have nothing to do with me

Let’s be clear: the best targeted ads I will ever see are the ones I get from a search engine when it serves an ad for exactly the thing I was searching for. Everybody wins: I find what I wanted, the vendor helps me buy their thing, and the search engine gets paid for connecting us. I don’t know anybody who complains about this sort of ad. It’s a good ad.

And it, too, had nothing to do with my personal information!

Google was serving targeted search ads decades ago, before it ever occurred to them to ask me to log in. Even today you can still use every search engine web site without logging in. They all still serve ads targeted to your search keyword. It’s an excellent business.
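The mechanics need nothing but the query string. A toy sketch (ads invented):

    # Keyword-targeted search ad: no profile, just the query.
    ads = {"running shoes": "SneakerCo – 20% off trail runners",
           "tax software": "TaxBot – file in minutes"}

    def ad_for(query):
        return next((ad for kw, ad in ads.items() if kw in query), None)

    print(ad_for("best running shoes 2019"))  # the SneakerCo ad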

There’s another kind of ad that works well on me. I play video games sometimes, and I use Steam, and sometimes I browse through games on Steam and star the ones I’m considering buying. Later, when those games go on sale, Steam emails me to tell me they are on sale, and sometimes then I buy them. Again, everybody wins: I got a game I wanted (at a discount!), the game maker gets paid, and Steam gets paid for connecting us. And I can disable the emails if I want, but I don’t want, because they are good ads.

But nobody had to profile me to make that happen! Steam has my account, and I told it what games I wanted and then it sold me those games. That’s not profiling, that’s just remembering a list that I explicitly handed to you.
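The entire “targeting system” is a set intersection (titles and discounts invented):

    # Wishlist ads: intersect an explicit list with today's sales.
    wishlist = {"u1": {"Hades", "Factorio"}, "u2": {"Stardew Valley"}}
    on_sale = {"Factorio": 0.30, "Celeste": 0.50}   # title -> discount

    for user, games in wishlist.items():
        for title in games & on_sale.keys():
            print(f"email {user}: {title} is {on_sale[title]:.0%} off")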

Amazon shows a box that suggests I might want to re-buy certain kinds of consumable products that I’ve bought in the past. This is useful too, and requires no profiling other than remembering the transactions we’ve had with each other in the past, which they kinda have to do anyway. And again, everybody wins.

Now, Amazon also recommends products like the ones I’ve bought before, or looked at before. That’s, say, 20% useful. If I just bought a computer monitor, and you know I did because I bought it from you, then you might as well stop selling them to me. But for a few days after I buy any electronics they also keep offering to sell me USB cables, and they’re probably right. So okay, 20% useful targeting is better than 0% useful. I give Amazon some credit for building a useful profile of me, although it’s specifically a profile of stuff I did on their site and which they keep to themselves. That doesn’t seem too invasive. Nobody is surprised that Amazon remembers what I bought or browsed on their site.

Worse is when (non-Amazon) vendors get the idea that I might want something. (They get this idea because I visited their web site and looked at it.) So their advertising partner chases me around the web trying to sell me the same thing. They do that, even if I already bought it. Ironically, this is because of a half-hearted attempt to protect my privacy. The vendor doesn’t give information about me or my transactions to their advertising partner (because there’s an excellent chance it would land them in legal trouble eventually), so the advertising partner doesn’t know that I bought it. All they know (because of the advertising partner’s tracker gadget on the vendor’s web site) is that I looked at it, so they keep advertising it to me just in case.

But okay, now we’re starting to get somewhere interesting. The advertiser has a tracker that it places on multiple sites and tracks me around. So it doesn’t know what I bought, but it does know what I looked at, probably over a long period of time, across many sites.

Using this information, its painstakingly trained AI makes conclusions about which other things I might want to look at, based on…

…well, based on what? People similar to me? Things my Facebook friends like to look at? Some complicated matrix-driven formula humans can’t possibly comprehend, but which is 10% better?

Probably not. Probably what it does is infer my gender, age, income level, and marital status. After that, it sells me cars and gadgets if I’m a guy, and fashion if I’m a woman. Not because all guys like cars and gadgets, but because some very uncreative human got into the loop and said “please sell my car mostly to men” and “please sell my fashion items mostly to women.” Maybe the AI infers the wrong demographic information (I know Google has mine wrong) but it doesn’t really matter, because it’s usually mostly right, which is better than 0% right, and advertisers get some mostly demographically targeted ads, which is better than 0% targeted ads.

You know this is how it works, right? It has to be. You can infer it from how bad the ads are. Anyone can, in a few seconds, think of some stuff they really want to buy which The Algorithm has failed to offer them, all while Outbrain makes zillions of dollars sending links about car insurance to non-car-owning Manhattanites. It might as well be a 1990s late-night TV infomercial, where all they knew for sure about my demographic profile is that I was still awake.

You tracked me everywhere I go, logging it forever, begging for someone to steal your database, desperately fearing that some new EU privacy regulation might destroy your business… for this?

Statistical Astrology

Of course, it’s not really as simple as that. There is not just one advertising company tracking me across every web site I visit. There are… many advertising companies tracking me across every web site I visit. Some of them don’t even do advertising, they just do tracking, and they sell that tracking data to advertisers who supposedly use it to do better targeting.

This whole ecosystem is amazing. Let’s look at online news web sites. Why do they load so slowly nowadays? Trackers. No, not ads – trackers. They only have a few ads, which mostly don’t take that long to load. But they have a lot of trackers, because each tracker will pay them a tiny bit of money to be allowed to track each page view. If you’re a giant publisher teetering on the edge of bankruptcy and you have 25 trackers on your web site already, but tracker company #26 calls you and says they’ll pay you $50k a year if you add their tracker too, are you going to say no? Your page runs like sludge already, so making it 1/25th more sludgy won’t change anything, but that $50k might.

(“Ad blockers” remove annoying ads, but they also speed up the web, mostly because they remove trackers. Embarrassingly, the trackers themselves don’t even need to cause a slowdown, but they always do, because their developers are invariably idiots who each need to load thousands of lines of javascript to do what could be done in two. But that’s another story.)

Then the ad sellers, and ad networks, buy the tracking data from all the trackers. The more tracking data they have, the better they can target ads, right? I guess.

The brilliant bit here is that each of the trackers has a bit of data about you, but not all of it, because not every tracker is on every web site. But on the other hand, cross-referencing individuals between trackers is kinda hard, because none of them wants to give away their secret sauce. So each ad seller tries their best to cross-reference the data from all the tracker data they buy, but it mostly doesn’t work. Let’s say there are 25 trackers each tracking a million users, probably with a ton of overlap. In a sane world we’d guess that there are, at most, a few million distinct users. But in an insane world where you can’t prove if there’s an overlap, it could be as many as 25 million distinct users! The more tracker data your ad network buys, the more information you have! Probably! And that means better targeting! Maybe! And so you should buy ads from our network instead of the other network with less data! I guess!
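The arithmetic of that sales pitch is easy to simulate. With five hypothetical trackers each seeing half of a 200,000-person population, the naive total is 500,000 “users,” while the real number of distinct people is about 194,000:

    # Naive user counts vs. distinct people across overlapping trackers.
    import random
    random.seed(1)

    population = range(200_000)
    trackers = [set(random.sample(population, 100_000)) for _ in range(5)]

    naive_total = sum(len(t) for t in trackers)   # what the pitch implies
    distinct = len(set().union(*trackers))        # what's really there
    print(naive_total, distinct)                  # 500000 vs ~194000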

None of this works. They are still trying to sell me car insurance for my subway ride.

It’s not just ads

That’s a lot about profiling for ad targeting, which obviously doesn’t work, if anyone would just stop and look at it. But there are way too many people incentivized to believe otherwise. Meanwhile, if you care about your privacy, all that matters is they’re still collecting your personal information whether it works or not.

What about content recommendation algorithms though? Do those work?

Obviously not. I mean, have you tried them? Seriously.

That’s not quite fair. There are a few things that work. Pandora’s music recommendations are surprisingly good, but they are doing it in a very non-obvious way. The obvious way is to take the playlist of all the songs your users listen to, blast it all into an ML training dataset, and then use that to produce a new playlist for new users based on… uh… their… profile? Well, they don’t have a profile yet because they just joined. Perhaps based on the first few songs they select manually? Maybe, but they probably started with either a really popular song, which tells you nothing, or a really obscure song to test the thoroughness of your library, which tells you less than nothing.

(I’m pretty sure this is how Mixcloud works. After each mix, it tries to find the “most similar” mix to continue with. Usually this is someone else’s upload of the exact same mix. Then the “most similar” mix to that one is the first one, so it does that. Great job, machine learning, keep it up.)

That leads us to the “random song followed by thumbs up/down” system that everyone uses. But everyone sucks, except Pandora. Why? Apparently because Pandora spent a lot of time hand-coding a bunch of music characteristics and writing a “real algorithm” (as opposed to ML) that tries to generate playlists based on the right combinations of those characteristics.

In that sense, Pandora isn’t pure ML. It often converges on a playlist you’ll like within one or two thumbs up/down operations, because you’re navigating through a multidimensional interconnected network of songs that people encoded the hard way, not a massive matrix of mediocre playlists scraped from average people who put no effort into generating those playlists in the first place. Pandora is bad at a lot of things (especially “availability in Canada”) but their music recommendations are top notch.
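Pandora’s actual Music Genome data is proprietary, but the shape of the idea fits in a toy sketch: a hand-coded feature vector per song, a taste vector nudged by each thumb, and the nearest unplayed song next (features invented):

    # Toy Pandora-style recommender over hand-coded song features.
    songs = {                  # (distortion, acoustic, tempo), each in [0,1]
        "song_a": (0.9, 0.1, 0.3),
        "song_b": (0.8, 0.2, 0.4),
        "song_c": (0.1, 0.9, 0.2),
    }

    def thumbs(taste, song, up, rate=0.5):
        sign = 1 if up else -1
        return tuple(t + sign * rate * (f - t)
                     for t, f in zip(taste, songs[song]))

    def next_song(taste, played):
        return min((s for s in songs if s not in played),
                   key=lambda s: sum((f - t) ** 2
                                     for f, t in zip(songs[s], taste)))

    taste = songs["song_a"]                   # seeded by the starter song
    taste = thumbs(taste, "song_a", up=True)  # one thumbs-up
    print(next_song(taste, {"song_a"}))       # song_b: nearest in feature space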

Just one catch. If Pandora can figure out a good playlist based on a starter song and one or two thumbs up/down clicks, then… I guess it’s not profiling you. They didn’t need your personal information either.

Netflix

While we’re here, I just want to rant about Netflix, which is an odd case of starting off with a really good recommendation algorithm and then making it worse on purpose.

Once upon a time, there was the Netflix prize, which granted $1 million to the best team that could predict people’s movie ratings, based on their past ratings, with better accuracy than Netflix could themselves. (This not-so-shockingly resulted in a privacy fiasco when it turned out you could de-anonymize the data set that they publicly released, oops. Well, that’s what you get when you store people’s personal information long-term in a database.)
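For flavor: the contest’s now-classic baseline predicted a rating as the global mean plus a user offset plus a movie offset, and the winning entry reportedly blended upwards of a hundred fancier models on top of baselines like it. A minimal sketch (ratings invented):

    # Netflix-Prize-flavored baseline: mean + user bias + movie bias.
    ratings = [("ana", "Heat", 5), ("ana", "Up", 4),
               ("bob", "Heat", 3), ("bob", "Up", 2)]

    mean = sum(r for _, _, r in ratings) / len(ratings)

    def bias(key, idx):                 # idx 0 = user, 1 = movie
        rs = [r for u, m, r in ratings if (u, m)[idx] == key]
        return sum(rs) / len(rs) - mean

    def predict(user, movie):
        return mean + bias(user, 0) + bias(movie, 1)

    print(predict("bob", "Heat"))   # 3.0 = mean 3.5 + bob -1.0 + Heat +0.5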

Netflix believed their business depended on a good recommendation algorithm. It was already pretty good: I remember using Netflix around 10 years ago and getting several recommendations for things I would never have discovered, but which I turned out to like. That hasn’t happened to me on Netflix in a long, long time.

As the story goes, once upon a time Netflix was a DVD-by-mail service. DVD-by-mail is really slow, so it was absolutely essential that at least one of this week’s DVDs was good enough to entertain you for your Friday night movie. Too many Fridays with only bad movies, and you’d surely unsubscribe. A good recommendation system was key. (I guess there was also some interesting math around trying to make sure to rent out as much of the inventory as possible each week, since having a zillion copies of the most recent blockbuster, which would be popular this month and then die out next month, was not really viable.)

Eventually though, Netflix moved online, and the cost of a bad recommendation was much less: just stop watching and switch to a new movie. Moreover, it was perfectly fine if everyone watched the same blockbuster. In fact, it was better, because they could cache it at your ISP and caches always work better if people are boring and average.

Worse, as the story goes, Netflix noticed a pattern: the more hours people watch, the less likely they are to cancel. (This makes sense: the more hours you spend on Netflix, the more you feel like you “need” it.) And with new people trying the service at a fixed or proportional rate, higher retention translates directly to faster growth.

It was when I heard this story that I learned the word “satisficing,” which essentially means searching through sludge not for the best option, but for a good enough one. Nowadays Netflix isn’t about finding the best movie, it’s about satisficing. If it has the choice between an award-winning movie that you 80% might like or 20% might hate, and a mainstream movie that’s 0% special but you 99% won’t hate, it will recommend the second one every time. Outliers are bad for business.
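In code, satisficing is nothing more than a change of objective function (probabilities invented):

    # "Best movie" vs. satisficing: same catalog, different objective.
    catalog = {                    # title: (P(love it), P(hate it))
        "award_winner": (0.80, 0.20),
        "mainstream":   (0.30, 0.01),
    }

    best_bet   = max(catalog, key=lambda t: catalog[t][0])
    satisficer = min(catalog, key=lambda t: catalog[t][1])
    print(best_bet, satisficer)    # award_winner mainstream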

The thing is, you don’t need a risky, privacy-invading profile to recommend a mainstream movie. Mainstream movies are specially designed to be inoffensive to just about everyone. My Netflix recommendations screen is no longer “Recommended for you,” it’s “New Releases,” and then “Trending Now,” and “Watch it again.”

As promised, Netflix paid out their $1 million prize to buy the winning recommendation algorithm, which was even better than their old one. But they didn’t use it, they threw it away.

Some very expensive A/B testers determined that this is what makes me watch the most hours of mindless TV. Their revenues keep going up. And they don’t even need to invade my privacy to do it.

Who am I to say they’re wrong?

Source: https://apenwarr.ca/log/20190201

45 Techniques Used by Data Scientists

These techniques cover most of what data scientists and related practitioners are using in their daily activities, whether they use solutions offered by a vendor, or whether they design proprietary tools. When you click on any of the 45 links below, you will find a selection of articles related to the entry in question. Most of these articles are hard to find with a Google search, so in some ways this gives you access to the hidden literature on data science, machine learning, and statistical science. Many of these articles are fundamental to understanding the technique in question, and come with further references and source code.

Starred techniques (marked with a *) belong to what I call deep data science, a branch of data science that has little if any overlap with closely related fields such as machine learning, computer science, operations research, mathematics, or statistics. Even classical machine learning and statistical techniques such as clustering, density estimation, or tests of hypotheses have model-free, data-driven, robust versions designed for automated processing (as in machine-to-machine communications), and thus also belong to deep data science. However, these techniques are not starred here, as the standard versions are better known (and unfortunately more used) than their deep data science equivalents.

To learn more about deep data science, click here. Note that unlike deep learning, deep data science is not the intersection of data science and artificial intelligence; however, the analogy between deep data science and deep learning is not completely meaningless, in the sense that both deal with automation.

Also, to discover in which contexts and applications the 45 techniques below are used, I invite you to read the companion articles on the source page.

Finally, when using a technique, you need to test its performance. Read this article about 11 Important Model Evaluation Techniques Everyone Should Know.
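As a minimal instance of such evaluation – assuming scikit-learn – here is k-fold cross-validation (technique 42 in the list below) applied to linear regression (technique 1):

    # Evaluate a model with 5-fold cross-validation.
    from sklearn.datasets import make_regression
    from sklearn.linear_model import LinearRegression
    from sklearn.model_selection import cross_val_score

    X, y = make_regression(n_samples=200, n_features=5, noise=10.0,
                           random_state=0)
    scores = cross_val_score(LinearRegression(), X, y, cv=5, scoring="r2")
    print(scores.mean(), scores.std())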

The 45 data science techniques

  1. Linear Regression
  2. Logistic Regression
  3. Jackknife Regression *
  4. Density Estimation
  5. Confidence Interval
  6. Test of Hypotheses
  7. Pattern Recognition
  8. Clustering – (aka Unsupervised Learning)
  9. Supervised Learning
  10. Time Series
  11. Decision Trees
  12. Random Numbers
  13. Monte-Carlo Simulation
  14. Bayesian Statistics
  15. Naive Bayes
  16. Principal Component Analysis – (PCA)
  17. Ensembles
  18. Neural Networks
  19. Support Vector Machine – (SVM)
  20. Nearest Neighbors – (k-NN)
  21. Feature Selection – (aka Variable Reduction)
  22. Indexation / Cataloguing *
  23. (Geo-) Spatial Modeling
  24. Recommendation Engine *
  25. Search Engine *
  26. Attribution Modeling *
  27. Collaborative Filtering *
  28. Rule System
  29. Linkage Analysis
  30. Association Rules
  31. Scoring Engine
  32. Segmentation
  33. Predictive Modeling
  34. Graphs
  35. Deep Learning
  36. Game Theory
  37. Imputation
  38. Survival Analysis
  39. Arbitrage
  40. Lift Modeling
  41. Yield Optimization
  42. Cross-Validation
  43. Model Fitting
  44. Relevancy Algorithm *
  45. Experimental Design

Source: https://www.datasciencecentral.com/profiles/blogs/40-techniques-used-by-data-scientists