Tag Archives: shared
#431238 AI Is Easy to Fool—Why That Needs to ...
Con artistry is one of the world’s oldest and most innovative professions, and it may soon have a new target. Research suggests artificial intelligence may be uniquely susceptible to tricksters, and as its influence in the modern world grows, attacks against it are likely to become more common.
The root of the problem lies in the fact that artificial intelligence algorithms learn about the world in very different ways than people do, and so slight tweaks to the data fed into these algorithms can throw them off completely while remaining imperceptible to humans.
Much of the research into this area has been conducted on image recognition systems, in particular those relying on deep learning neural networks. These systems are trained by showing them thousands of examples of images of a particular object until they can extract common features that allow them to accurately spot the object in new images.
But the features they extract are not necessarily the same high-level features a human would be looking for, like the word STOP on a sign or a tail on a dog. These systems analyze images at the individual pixel level to detect patterns shared between examples. These patterns can be obscure combinations of pixel values, in small pockets or spread across the image, that would be impossible to discern for a human, but highly accurate at predicting a particular object.
“An attacker can trick the object recognition algorithm into seeing something that isn’t there, without these alterations being obvious to a human.”
What this means is that by identifying these patterns and overlaying them over a different image, an attacker can trick the object recognition algorithm into seeing something that isn’t there, without these alterations being obvious to a human. This kind of manipulation is known as an “adversarial attack.”
Early attempts to trick image recognition systems this way required access to the algorithm’s inner workings to decipher these patterns. But in 2016 researchers demonstrated a “black box” attack that enabled them to trick such a system without knowing its inner workings.
By feeding the system doctored images and seeing how it classified them, they were able to work out what it was focusing on and therefore generate images they knew would fool it. Importantly, the doctored images were not obviously different to human eyes.
These approaches were tested by feeding doctored image data directly into the algorithm, but more recently, similar approaches have been applied in the real world. Last year it was shown that printouts of doctored images that were then photographed on a smartphone successfully tricked an image classification system.
Another group showed that wearing specially designed, psychedelically-colored spectacles could trick a facial recognition system into thinking people were celebrities. In August scientists showed that adding stickers to stop signs in particular configurations could cause a neural net designed to spot them to misclassify the signs.
These last two examples highlight some of the potential nefarious applications for this technology. Getting a self-driving car to miss a stop sign could cause an accident, either for insurance fraud or to do someone harm. If facial recognition becomes increasingly popular for biometric security applications, being able to pose as someone else could be very useful to a con artist.
Unsurprisingly, there are already efforts to counteract the threat of adversarial attacks. In particular, it has been shown that deep neural networks can be trained to detect adversarial images. One study from the Bosch Center for AI demonstrated such a detector, an adversarial attack that fools the detector, and a training regime for the detector that nullifies the attack, hinting at the kind of arms race we are likely to see in the future.
While image recognition systems provide an easy-to-visualize demonstration, they’re not the only machine learning systems at risk. The techniques used to perturb pixel data can be applied to other kinds of data too.
“Bypassing cybersecurity defenses is one of the more worrying and probable near-term applications for this approach.”
Chinese researchers showed that adding specific words to a sentence or misspelling a word can completely throw off machine learning systems designed to analyze what a passage of text is about. Another group demonstrated that garbled sounds played over speakers could make a smartphone running the Google Now voice command system visit a particular web address, which could be used to download malware.
This last example points toward one of the more worrying and probable near-term applications for this approach: bypassing cybersecurity defenses. The industry is increasingly using machine learning and data analytics to identify malware and detect intrusions, but these systems are also highly susceptible to trickery.
At this summer’s DEF CON hacking convention, a security firm demonstrated they could bypass anti-malware AI using a similar approach to the earlier black box attack on the image classifier, but super-powered with an AI of their own.
Their system fed malicious code to the antivirus software and then noted the score it was given. It then used genetic algorithms to iteratively tweak the code until it was able to bypass the defenses while maintaining its function.
All the approaches noted so far are focused on tricking pre-trained machine learning systems, but another approach of major concern to the cybersecurity industry is that of “data poisoning.” This is the idea that introducing false data into a machine learning system’s training set will cause it to start misclassifying things.
This could be particularly challenging for things like anti-malware systems that are constantly being updated to take into account new viruses. A related approach bombards systems with data designed to generate false positives so the defenders recalibrate their systems in a way that then allows the attackers to sneak in.
How likely it is that these approaches will be used in the wild will depend on the potential reward and the sophistication of the attackers. Most of the techniques described above require high levels of domain expertise, but it’s becoming ever easier to access training materials and tools for machine learning.
Simpler versions of machine learning have been at the heart of email spam filters for years, and spammers have developed a host of innovative workarounds to circumvent them. As machine learning and AI increasingly embed themselves in our lives, the rewards for learning how to trick them will likely outweigh the costs.
Image Credit: Nejron Photo / Shutterstock.com Continue reading
Posted in Human Robots
#431023 Finish Him! MegaBots’ Giant Robot Duel ...
It began two years ago when MegaBots co-founders Matt Oehrlein and Gui Cavalcanti donned American flags as capes and challenged Suidobashi Heavy Industries to a giant robot duel in a YouTube video that immediately went viral.
The battle proposed: MegaBots’ 15-foot tall, 1,200-pound MK2 robot vs. Suidobashi’s 9,000-pound robot, KURATAS. Oehrlein and Cavalcanti first discovered the KURATAS robot in a listing on Amazon with a million-dollar price tag.
In an equally flamboyant response video, Suidobashi CEO and founder Kogoro Kurata accepted the challenge. (Yes, he named his robot after himself.) Both parties planned to take a year to prepare their robots for combat.
In the end, it took twice the amount of time. Nonetheless, the battle is going down this September in an undisclosed location.
Oehrlein shared more about the much-anticipated showdown during our interview at Singularity University’s Global Summit.
Two years since the initial video, MegaBots has now completed the combat-capable MK3 robot, named Eagle Prime. This new 12-ton, 16-foot-tall robot is powered by a 430-horsepower Corvette engine and requires two human pilots.
It’s also the robot they recently shipped to take on KURATAS.
Building Eagle Prime has been no small feat. With arms and legs that each weigh as much as a car, assembling the robot takes forklifts, cranes, and a lot of caution. Fortress One, MegaBots’ headquarters in Hayward, California is where the magic happens.
In terms of “weaponry,” Eagle Prime features a giant pneumatic cannon that shoots huge paint cannonballs. Oehrlein warns, “They can shatter all the windows in a car. It’s very powerful.” A logging grapple, which looks like a giant claw and exerts 3,000 pounds of steel-crushing force, has also been added to the robot.
“It’s a combination of range combat, using the paint balls to maybe blind cameras on the other robot or take out sensitive electronics, and then closing in with the claw and trying to disable their systems at close range,” Oehrlein explains.
Safety systems include a cockpit roll cage for the two pilots, five-point safety seatbelt harnesses, neck restraints, helmets, and flame retardant suits.
Co-founder, Matt Oehrlein, inside the cockpit of MegaBots’ Eagle Prime giant robot.
Oehrlein and Cavalcanti have also spent considerable time inside Eagle Prime practicing battlefield tactics and maneuvering the robot through obstacle courses.
Suidobashi’s robot is a bit shorter and lighter, but also a little faster, so the battle dynamics should be interesting.
You may be thinking, “Why giant dueling robots?”
MegaBots’ grand vision is a full-blown international sports league of giant fighting robots on the scale of Formula One racing. Picture a nostalgic evening sipping a beer (or three) and watching Pacific Rim- and Power Rangers-inspired robots battle—only in real life.
Eagle Prime is, in good humor, a proudly patriotic robot.
“Japan is known as a robotic powerhouse,” says Oehrlein, “I think there’s something interesting about the slightly overconfident American trying to get a foothold in the robotics space and doing it by building a bigger, louder, heavier robot, in true American fashion.”
For safety reasons, no fans will be admitted during the time of the fight. The battle will be posted after the fact on MegaBots’ YouTube channel and Facebook page.
We’ll soon find out whether this becomes another American underdog story.
In the meantime, I give my loyalty to MegaBots, and in the words of Mortal Kombat, say, “Finish him!”
via GIPHY
Image Credit: MegaBots Continue reading
Posted in Human Robots
#431015 Finish Him! MegaBots’ Giant Robot Duel ...
It began two years ago when MegaBots co-founders Matt Oehrlein and Gui Cavalcanti donned American flags as capes and challenged Suidobashi Heavy Industries to a giant robot duel in a YouTube video that immediately went viral.
The battle proposed: MegaBots’ 15-foot tall, 1,200-pound MK2 robot vs. Suidobashi’s 9,000-pound robot, KURATAS. Oehrlein and Cavalcanti first discovered the KURATAS robot in a listing on Amazon with a million-dollar price tag.
In an equally flamboyant response video, Suidobashi CEO and founder Kogoro Kurata accepted the challenge. (Yes, he named his robot after himself.) Both parties planned to take a year to prepare their robots for combat.
In the end, it took twice the amount of time. Nonetheless, the battle is going down this September in an undisclosed location in Japan.
Oehrlein shared more about the much-anticipated showdown during our interview at Singularity University’s Global Summit.
Two years since the initial video, MegaBots has now completed the combat-capable MK3 robot, named Eagle Prime. This new 12-ton, 16-foot-tall robot is powered by a 430-horsepower Corvette engine and requires two human pilots.
It’s also the robot they recently shipped to Japan to take on KURATAS.
Building Eagle Prime has been no small feat. With arms and legs that each weigh as much as a car, assembling the robot takes forklifts, cranes, and a lot of caution. Fortress One, MegaBots’ headquarters in Hayward, California is where the magic happens.
In terms of “weaponry,” Eagle Prime features a giant pneumatic cannon that shoots huge paint cannonballs. Oehrlein warns, “They can shatter all the windows in a car. It’s very powerful.” A logging grapple, which looks like a giant claw and exerts 3,000 pounds of steel-crushing force, has also been added to the robot.
“It’s a combination of range combat, using the paint balls to maybe blind cameras on the other robot or take out sensitive electronics, and then closing in with the claw and trying to disable their systems at close range,” Oehrlein explains.
Safety systems include a cockpit roll cage for the two pilots, five-point safety seatbelt harnesses, neck restraints, helmets, and flame retardant suits.
Co-founder, Matt Oehrlein, inside the cockpit of MegaBots’ Eagle Prime giant robot.
Oehrlein and Cavalcanti have also spent considerable time inside Eagle Prime practicing battlefield tactics and maneuvering the robot through obstacle courses.
Suidobashi’s robot is a bit shorter and lighter, but also a little faster, so the battle dynamics should be interesting.
You may be thinking, “Why giant dueling robots?”
MegaBots’ grand vision is a full-blown international sports league of giant fighting robots on the scale of Formula One racing. Picture a nostalgic evening sipping a beer (or three) and watching Pacific Rim- and Power Rangers-inspired robots battle—only in real life.
Eagle Prime is, in good humor, a proudly patriotic robot.
“Japan is known as a robotic powerhouse,” says Oehrlein, “I think there’s something interesting about the slightly overconfident American trying to get a foothold in the robotics space and doing it by building a bigger, louder, heavier robot, in true American fashion.”
For safety reasons, no fans will be admitted during the time of the fight. The battle will be posted after the fact on MegaBots’ YouTube channel and Facebook page.
We’ll soon find out whether this becomes another American underdog story.
In the meantime, I give my loyalty to MegaBots, and in the words of Mortal Kombat, say, “Finish him!”
via GIPHY
Image Credit: MegaBots Continue reading
Posted in Human Robots
#430868 These 7 Forces Are Changing the World at ...
It was the Greek philosopher Heraclitus who first said, “The only thing that is constant is change.”
He was onto something. But even he would likely be left speechless at the scale and pace of change the world has experienced in the past 100 years—not to mention the past 10.
Since 1917, the global population has gone from 1.9 billion people to 7.5 billion. Life expectancy has more than doubled in many developing countries and risen significantly in developed countries. In 1917 only eight percent of homes had phones—in the form of landline telephones—while today more than seven in 10 Americans own a smartphone—aka, a supercomputer that fits in their pockets.
And things aren’t going to slow down anytime soon. In a talk at Singularity University’s Global Summit this week in San Francisco, SU cofounder and chairman Peter Diamandis told the audience, “Tomorrow’s speed of change will make today look like we’re crawling.” He then shared his point of view about some of the most important factors driving this accelerating change.
Peter Diamandis at Singularity University’s Global Summit in San Francisco.
Computation
In 1965, Gordon Moore (cofounder of Intel) predicted computer chips would double in power and halve in cost every 18 to 24 months. What became known as Moore’s Law turned out to be accurate, and today affordable computer chips contain a billion or more transistors spaced just nanometers apart.
That means computers can do exponentially more calculations per second than they could thirty, twenty, or ten years ago—and at a dramatically lower cost. This in turn means we can generate a lot more information, and use computers for all kinds of applications they wouldn’t have been able to handle in the past (like diagnosing rare forms of cancer, for example).
Convergence
Increased computing power is the basis for a myriad of technological advances, which themselves are converging in ways we couldn’t have imagined a couple decades ago. As new technologies advance, the interactions between various subsets of those technologies create new opportunities that accelerate the pace of change much more than any single technology can on its own.
A breakthrough in biotechnology, for example, might spring from a crucial development in artificial intelligence. An advance in solar energy could come about by applying concepts from nanotechnology.
Interface Moments
Technology is becoming more accessible even to the most non-techy among us. The internet was once the domain of scientists and coders, but these days anyone can make their own web page, and browsers make those pages easily searchable. Now, interfaces are opening up areas like robotics or 3D printing.
As Diamandis put it, “You don’t need to know how to code to 3D print an attachment for your phone. We’re going from mind to materialization, from intentionality to implication.”
Artificial intelligence is what Diamandis calls “the ultimate interface moment,” enabling everyone who can speak their mind to connect and leverage exponential technologies.
Connectivity
Today there are about three billion people around the world connected to the internet—that’s up from 1.8 billion in 2010. But projections show that by 2025 there will be eight billion people connected. This is thanks to a race between tech billionaires to wrap the Earth in internet; Elon Musk’s SpaceX has plans to launch a network of 4,425 satellites to get the job done, while Google’s Project Loon is using giant polyethylene balloons for the task.
These projects will enable five billion new minds to come online, and those minds will have access to exponential technologies via interface moments.
Sensors
Diamandis predicts that after we establish a 5G network with speeds of 10–100 Gbps, a proliferation of sensors will follow, to the point that there’ll be around 100,000 sensors per city block. These sensors will be equipped with the most advanced AI, and the combination of these two will yield an incredible amount of knowledge.
“By 2030 we’re heading towards 100 trillion sensors,” Diamandis said. “We’re heading towards a world in which we’re going to be able to know anything we want, anywhere we want, anytime we want.” He added that tens of thousands of drones will hover over every major city.
Intelligence
“If you think there’s an arms race going on for AI, there’s also one for HI—human intelligence,” Diamandis said. He explained that if a genius was born in a remote village 100 years ago, he or she would likely not have been able to gain access to the resources needed to put his or her gifts to widely productive use. But that’s about to change.
Private companies as well as military programs are working on brain-machine interfaces, with the ultimate aim of uploading the human mind. The focus in the future will be on increasing intelligence of individuals as well as companies and even countries.
Wealth Concentration
A final crucial factor driving mass acceleration is the increase in wealth concentration. “We’re living in a time when there’s more wealth in the hands of private individuals, and they’re willing to take bigger risks than ever before,” Diamandis said. Billionaires like Mark Zuckerberg, Jeff Bezos, Elon Musk, and Bill Gates are putting millions of dollars towards philanthropic causes that will benefit not only themselves, but humanity at large.
What It All Means
One of the biggest implications of the rate at which the world is changing, Diamandis said, is that the cost of everything is trending towards zero. We are heading towards abundance, and the evidence lies in the reduction of extreme poverty we’ve already seen and will continue to see at an even more rapid rate.
Listening to Diamandis’ optimism, it’s hard not to find it contagious.
“The world is becoming better at an extraordinary rate,” he said, pointing out the rises in literacy, democracy, vaccinations, and life expectancy, and the concurrent decreases in child mortality, birth rate, and poverty.
“We’re alive during a pivotal time in human history,” he concluded. “There is nothing we don’t have access to.”
Stock Media provided by seanpavonephoto / Pond5 Continue reading
Posted in Human Robots
#430743 Teaching Machines to Understand, and ...
We humans are swamped with text. It’s not just news and other timely information: Regular people are drowning in legal documents. The problem is so bad we mostly ignore it. Every time a person uses a store’s loyalty rewards card or connects to an online service, his or her activities are governed by the equivalent of hundreds of pages of legalese. Most people pay no attention to these massive documents, often labeled “terms of service,” “user agreement,” or “privacy policy.”
These are just part of a much wider societal problem of information overload. There is so much data stored—exabytes of it, as much stored as has ever been spoken by people in all of human history—that it’s humanly impossible to read and interpret everything. Often, we narrow down our pool of information by choosing particular topics or issues to pay attention to. But it’s important to actually know the meaning and contents of the legal documents that govern how our data is stored and who can see it.
As computer science researchers, we are working on ways artificial intelligence algorithms could digest these massive texts and extract their meaning, presenting it in terms regular people can understand.
Can computers understand text?
Computers store data as 0s and 1s—data that cannot be directly understood by humans. They interpret these data as instructions for displaying text, sound, images, or videos that are meaningful to people. But can computers actually understand the language, not only presenting the words but also their meaning?
One way to find out is to ask computers to summarize their knowledge in ways that people can understand and find useful. It would be best if AI systems could process text quickly enough to help people make decisions as they are needed—for example, when you’re signing up for a new online service and are asked to agree with the site’s privacy policy.
What if a computerized assistant could digest all that legal jargon in a few seconds and highlight key points? Perhaps a user could even tell the automated assistant to pay particular attention to certain issues, like when an email address is shared, or whether search engines can index personal posts. Companies could use this capability, too, to analyze contracts or other lengthy documents.
To do this sort of work, we need to combine a range of AI technologies, including machine learning algorithms that take in large amounts of data and independently identify connections among them; knowledge representation techniques to express and interpret facts and rules about the world; speech recognition systems to convert spoken language to text; and human language comprehension programs that process the text and its context to determine what the user is telling the system to do.
Examining privacy policies
A modern internet-enabled life today more or less requires trusting for-profit companies with private information (like physical and email addresses, credit card numbers and bank account details) and personal data (photos and videos, email messages and location information).
These companies’ cloud-based systems typically keep multiple copies of users’ data as part of backup plans to prevent service outages. That means there are more potential targets—each data center must be securely protected both physically and electronically. Of course, internet companies recognize customers’ concerns and employ security teams to protect users’ data. But the specific and detailed legal obligations they undertake to do that are found in their impenetrable privacy policies. No regular human—and perhaps even no single attorney—can truly understand them.
In our study, we ask computers to summarize the terms and conditions regular users say they agree to when they click “Accept” or “Agree” buttons for online services. We downloaded the publicly available privacy policies of various internet companies, including Amazon AWS, Facebook, Google, HP, Oracle, PayPal, Salesforce, Snapchat, Twitter, and WhatsApp.
Summarizing meaning
Our software examines the text and uses information extraction techniques to identify key information specifying the legal rights, obligations and prohibitions identified in the document. It also uses linguistic analysis to identify whether each rule applies to the service provider, the user or a third-party entity, such as advertisers and marketing companies. Then it presents that information in clear, direct, human-readable statements.
For example, our system identified one aspect of Amazon’s privacy policy as telling a user, “You can choose not to provide certain information, but then you might not be able to take advantage of many of our features.” Another aspect of that policy was described as “We may also collect technical information to help us identify your device for fraud prevention and diagnostic purposes.”
We also found, with the help of the summarizing system, that privacy policies often include rules for third parties—companies that aren’t the service provider or the user—that people might not even know are involved in data storage and retrieval.
The largest number of rules in privacy policies—43 percent—apply to the company providing the service. Just under a quarter of the rules—24 percent—create obligations for users and customers. The rest of the rules govern behavior by third-party services or corporate partners, or could not be categorized by our system.
The next time you click the “I Agree” button, be aware that you may be agreeing to share your data with other hidden companies who will be analyzing it.
We are continuing to improve our ability to succinctly and accurately summarize complex privacy policy documents in ways that people can understand and use to access the risks associated with using a service.
This article was originally published on The Conversation. Read the original article. Continue reading
Posted in Human Robots