TechLetters #24 - AI Regulation/governance project, AI adversarial attacks, supply chain compromise at Codecov, infection risk for macOS users, Fl0C 0ff?
Editorial
Security
5G security? “Just to let that sink in, Huawei (and their close partners) already run and directly operate the mobile telecommunication infrastructure for over 100 million European subscribers”. The reality in telecommunications is that operators heavily outsource control of their networks, sometimes even the core networks.
Codecov gets worse. Last week I wrote about the hacking of Codecov’s software engineering tools, which quickly led to many software projects getting infected. Turns out it’s even worse. That’s why supply-chain compromises are notoriously tricky.
Hacking phone-extraction tools, with a twist. “We are of course willing to responsibly disclose the specific vulnerabilities we know about to Cellebrite if they do the same for all the vulnerabilities they use in their physical extraction and other services to their respective vendors, now and in the future.” Nice trolling!
Adversarial AI. A novel class of training-time attacks that require no changes to the underlying model dataset or architecture, but instead only change the order in which data are supplied to the model. In particular, an attacker can disrupt the integrity and availability of a model by simply reordering training batches, with no knowledge about either the model or the dataset. Indeed, the attacks presented here are not specific to the model or dataset, but rather target the stochastic nature of modern learning procedures. We extensively evaluate our attacks to find that the adversary can disrupt model training and even introduce backdoors … stochastic gradient descent, like cryptography, depends on randomness. A random number generator with a backdoor can undermine a neural network just as it can undermine a payment network. The requirement for SGD is not however secrecy, but transparency (pdf).
Homebrew bug. Vulnerability found in a very popular package manager for macOS. Now let’s think for a moment. How to compromise/hack a significant number of Macs, for example those of influential software developers at important technology companies? Targeting/infecting Homebrew might be a good start.
Privacy
FloC off? “This plugin adds an HTTP header to your WordPress website that disables Google’s “Federated Learning of Cohorts””. Google Privacy Sandbox’s Federated Learning of Cohorts has gathered significant criticism recently: from some web browser vendors, from WordPress, from a number of influential sites, and from some NGOs.
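The header such a plugin sets is the response header `Permissions-Policy: interest-cohort=()` (an empty allowlist for the interest-cohort feature). As an added example, not the plugin's own code, here is a small Python check that parses a response's Permissions-Policy header(s) and reports whether a site actually opts out, plus a helper that adds the header when it is missing; the sample responses are constructed.

```python
"""Check whether HTTP response headers opt a site out of FLoC.

Added example, not the WordPress plugin's code. FLoC is disabled by the
response header  Permissions-Policy: interest-cohort=()  (empty allowlist).
The parser below is a simplified reading of the Permissions-Policy syntax:
comma-separated "feature=(allowlist)" items.
"""
from typing import Dict, Iterable, List, Tuple

FLOC_FEATURE = "interest-cohort"
FLOC_OPT_OUT_HEADER = ("Permissions-Policy", f"{FLOC_FEATURE}=()")


def parse_permissions_policy(value: str) -> Dict[str, Tuple[str, ...]]:
    """Split 'a=(x y), b=()' into {'a': ('x', 'y'), 'b': ()}."""
    policy: Dict[str, Tuple[str, ...]] = {}
    for item in value.split(","):
        item = item.strip()
        if not item or "=" not in item:
            continue
        feature, _, allowlist = item.partition("=")
        allowlist = allowlist.strip()
        if allowlist.startswith("(") and allowlist.endswith(")"):
            allowlist = allowlist[1:-1]
        policy[feature.strip().lower()] = tuple(allowlist.split())
    return policy


def floc_opted_out(headers: Iterable[Tuple[str, str]]) -> bool:
    """True iff some Permissions-Policy header sets interest-cohort=()."""
    for name, value in headers:
        if name.lower() != "permissions-policy":
            continue
        # Only an empty allowlist disables FLoC; "(self)" or "*" do not.
        if parse_permissions_policy(value).get(FLOC_FEATURE) == ():
            return True
    return False


def add_floc_opt_out(headers: Iterable[Tuple[str, str]]) -> List[Tuple[str, str]]:
    """Append the opt-out header unless an equivalent one is already present."""
    result = list(headers)
    if not floc_opted_out(result):
        result.append(FLOC_OPT_OUT_HEADER)
    return result


# Constructed sample responses (not captured from any real site):
WITH_OPT_OUT = [("Content-Type", "text/html"),
                ("Permissions-Policy", "geolocation=(self), interest-cohort=()")]
WITHOUT_OPT_OUT = [("Content-Type", "text/html"),
                   ("Permissions-Policy", "geolocation=(self)")]
```

To check a live site, pass `resp.getheaders()` from `urllib.request.urlopen(url)` to `floc_opted_out`.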
Scraping phone numbers. “Using an accurate database of mobile phone number prefixes and very few resources, we have queried 10 % of US mobile phone numbers for WhatsApp and 100 % for Signal.” (PDF)
Technology Policy
AI Regulation. My technical assessment of the European Union’s plan for regulating AI. Transparency and ethics are to be built in, along with a technical assessment process. Heavy fines (30M or 6% of turnover) are to be introduced. This will influence how AI/ML systems are developed. The law will also regulate deepfakes.