BC SCIENCE
Saved by @ThomassRichards

Next up at #enigma2021, Sanghyun Hong will be speaking about "A SOUND MIND IN A VULNERABLE BODY: PRACTICAL HARDWARE ATTACKS ON DEEP LEARNING"

(Hint: speaker is on the

 In recent years ML models have worked from research labs to production, which makes ML security important. Adversarial ML research studies how to mess with ML
For example by messing with the training data (c.f. Tay which became super-racist super-fast) or by foiling ML models by changing inputs in ways humans can't see.
Prior work considers ML models in a standalone, mathematical way
* looks at the robustness in an isolated manner
* doesn't look at the whole ecosystem and how the model is used -- ML models are running in real hardware with real software which has real vulns!
This talk focuses on hardware-level vulnerabilities. This is particularly interesting because these can break cryptographic guarantees (because those are outside of their threat models)
e.g. fault injection attacks, side-channel attacks
Recent work targets The Cloud
* co-location of VMs from different users
* weak attackers with less subtle control

The cloud providers try to secure things, e.g. protections against Rowhammer
But can you use the weak attacks left after mitigations deployed by cloud compute providers?
DNNs are resilient to numerical perturbations: this is used both to make things more efficient (e.g. pruning) but also in security it's really hard to make accuracy drop

... BUT this focuses on the average or best case, not the worst cast!
What happens when you can mess with the memory at one of these steps?
* negligible effect on the average case accuracy
* but flipping one bit can make significant amount of damage for particular queries

How much damage can a single bit flip cause?
Try it out!
tl;dr in general, one bit flip can really mess with your model! (Looked for the worst bit to flip)
Well, can you use this? There's a lot less control in real life

Some strong attackers might be able to hit an "achilles" bit (one that's really going to mess with the model), but weaker attackers are going to hit bits more randomly.
So they tried it out!
tl;dr running a pretty weak Rowhammer attack is enough to mess with a ML model being trained.
How about side-channel attacks?

The attacker might want to get their hands on fancy DNNs which are considered trade secrets and proprietary to their creators. They're expensive to make! They need good training data! People want to protect them!
Prior work required that the ML-model-trainer uses an off-the-shelf architecture. But people often don't for the fancy models. So what this work does [... if I'm following correctly] is to basically guess from a lot of architecture possibilities and then filter it down
Why is this possible? Because there are regularities in deep-learning calculation.

Does this work? Apparently so: they tried it out using a cache side-channel attack and got back the architectures of the fancy DNN back.
This needs more study
* we need to understand the worst-case ML fails under hardware attack
* don't discount the ability of an attacker with access to a weak hardware attack to cause a disproportionate amount of damage
You can find a writeup of this research at https://t.co/qUx8nAHW52

[end of talk]

More from Lea Kissner

Lea Kissner
Lea Kissner
@LeaKissner
Last up in Privacy Tech for #enigma2021, @xchatty speaking about "IMPLEMENTING DIFFERENTIAL PRIVACY FOR THE 2020

Differential privacy was invented in 2006. Seems like a long time but it's not a long time since a fundamental scientific invention. It took longer than that between the invention of public key cryptography and even the first version of SSL.


But even in 2020, we still can't meet user expectations.
* Data users expect consistent data releases
* Some people call synthetic data "fake data" like
"fake news"
* It's not clear what "quality assurance" and "data exploration" means in a DP framework


We just did the 2020 US census
* required to collect it by the constitution
* but required to maintain privacy by law

But that's hard! What if there were 10 people on the block and all the same sex and age? If you posted something like that, then you would know what everyone's sex and age was on the block.
TECH , TEACH
Lea Kissner
Lea Kissner
@LeaKissner
We're kicking off the Privacy Tech session at #enigma2021 with Mitch Negus speaking about "NO DATA, NO PROBLEM—GIVING NUCLEAR INSPECTORS BETTER TOOLS WITHOUT REVEALING STATE

A nuclear catastrophe hasn't occurred... yet. So we need to stay vigilant. Nuclear inspectors go in according to treaties to check what's going on and check compliance with treaty rules.

But as sophisticated analytics become more common, states will only want to share the minimum amount of information necessary under the treaty.

But perhaps we can use MPC -- secure multi-party computation

Yao's garbled circuits were first demonstrated on the millionaire's problem -- figuring out who's richer without revealing actual amounts.

Used for other things like cryptocurrency these days.

Can we use this for nuclear inspection?

MPC can be used to compute anything computed by a computer [but it's expensive!]
TECH
Advertisement
Lea Kissner
Lea Kissner
@LeaKissner
Next up in Privacy Technology at #enigma2021, Kelly Huang from @ethyca speaking about "GONE, BUT NOT "FORGOTTEN"—TECHNICAL & PRACTICAL CHALLENGES IN OPERATIONALIZING MODERN PRIVACY

Just imagine there's a global pandemic forcing everyone to stay home and buy their stuff over the internet. And you've been working on your sanitization-on-demand startup. You've got more users than you can count! ... literally, because your data's all over.

Now you're a multi-national international country with privacy issues because your information is all over the place.

Now a user writes to request you delete their data. Where is it? How do you do that? Who's responsible for privacy in your business.

How do you operationalize privacy rights?

Primary stakeholders:
* Legal
* Business
* Engineering

We spend a lot of time on Twitter analyzing the legal rulings, but it's harder where the "rubber meets the code" 🥁
TECH
Lea Kissner
Lea Kissner
@LeaKissner
In more Securing Democracy at #enigma2021, @ChrFolini talking about "THE ADVENTUROUS TALE OF ONLINE VOTING IN

Switzerland is a direct democracy where citizens get to vote at least 4x/year, with a lot of mail-in voting. We have a long history of online voting.

Disclaimer: THIS IS NOT SWEDEN.

[I get the picture that @ChrFolini has had to explain the difference several times.]


Process around mail-in ballots.

[tl;dr it's very complicated and wasn't threat-modeled until recently]


But the in-person ballots are complicated, too!


Most security folks don't think that we can't make a secure online voting system.

@ChrFolini says this is because of encryption
[Note: this is not the main reason that a lot of people cite -- we're more worried about things like malware but it's complicated]
WORLD
Lea Kissner
Lea Kissner
@LeaKissner
Last talk about Securing Democracy at #enigma2021: @jackhcable speaking about "THE FULL STACK PROBLEM OF ELECTION

Let's imagine that elections use all the security measures security people have been advocating: risk-limiting audits, paper ballots, etc. Would people trust the elections more?

Jack would argue no. Most people don't understand this stuff and most of the claims people are making can't be disproven. And are massively bogus already.

Georgia did a full recount on paper ballots and it very much didn't stop people from doubting the election!

Are election security results in vain? The point of election security is to convince the loser they lost.

No! Have to focus on the whole stack, from election infrastructure to campaigns to people and mis/dis-informaton


One takeaway from the talk: the parts of the stack must work in tandem. Can't fight misinformation in a vacuum, but must build on other election security measures.
POLITICS

More from Science

Matthew Salganik
Matthew Salganik
@msalganik
Announcing the 2021 Summer Institutes in Computational Social Science. #SICSS is for grad students, post-docs & beginning faculty. Free for participants. @chris_bail and I are happy to tell you about all 20 locations. https://t.co/wolhtZIMc5 [thread]


SICSS brings together social scientists & data scientists interested in computational social science for 1-2 week events with intensive study & collaborative research.

Topics covered include automated text analysis, web scraping, non-probability sampling, digital experiments, ethics & much more.

All education materials created for SICSS are available open-source so that people who are unable to participate can still learn. You can also use them in your teaching. Here are materials from previous years:

Because of COVID, all SICSS locations will be online only in 2021.
SCIENCE
Camilo L\xf3pez Aguirre
Camilo López Aguirre...
@cernestola
Ok people, the current hype in #Science around #Archaeology research in #Chiribiquete and #LaLindosa in #Colombia, albeit deserving, it's a clear example of how scientific discovery is colonised and monopolised. We need to have an awkward conversation

As a Colombian expat in #Science, I was always surprised with how places like Chiribiquete were pretty much unknown overseas, considering their scientific, cultural and biological value, and that almost any Colombian has heard about them 2/n

The last couple of weeks I started an increasing trend of people in "developed countries" talking about discoveries of ancient paintings in the Amazon, and managed to trace back the source to this paper from April

As people started reacting more and more to it, media coverage started popping up. At that point a narrative was clear: A British-led expedition just discovered a trove of paintings from the heart of the Colombian Amazon

The discovery was so F&%$ unbelievable that they kept it under the wraps until a @Channel4 documentary was shot and produced to be released later this month
SCIENCE
Advertisement
Billy Bostickson \U0001f3f4\U0001f441&\U0001f441 \U0001f193
Billy Bostickson 🏴👁&👁 ...
@BillyBostickson
https://t.co/a6yrWK5dqg


https://t.co/Xe5xFdtDfO


https://t.co/e3RBxj0ly3


https://t.co/cJlCMqyP2v


https://t.co/5n5TK67iKB
SCIENCE
Gem,Mummy to 6yr \U0001f3c6\U0001f947 Scientist & outdoor educator
Gem,Mummy to 6yr 🏆🥇 Sc...
@EdadventuresM
Hi, I'm #MarvellousMarthy & this is a mini #GlobalScienceShow to celebrate @WomenScienceDay. I'd like to tell you about my STEM Role Model @MarineMumbles. Stick around for @philjemmett who’s up next. #WomenInSTEM #WomenInScience4SDGs #WomenInScience #girlsinSTEM


Go to https://t.co/fAM7lPSznm to watch my film. I love Rockpooling now as a hobby & I have got Mummy & Daddy into it too. I have learnt loads about marine life over the last year & Elizabeth @marinemumbles has shared her ❤️ of the oceans with me. I LOVE crabs 🦀 🦀🦀!!

This is Gem, Marthy’s Mummy. There have been so many other STEM women who have truly inspired #MarvellousMarthy over the past year: @DrJoScience has ignited a love of experiments, @ScienceAmbass has brought giggles with some fab experiment-alongs, @HanaAyboob for introducing her

to some amazing #SciArt, @BryonyMathew for releasing some fabulous books to help raise aspirations, @Astro_Nicole & @Victrix75 for allowing her to interview them as part of #worldspaceweek & @AmeliaJanePiper for the ongoing support since she won the SciComm presenter competition.

So, as you can tell from the film, Marthy adores Elizabeth & is truly inspired by her. Since engaging with her for the first time about 10 months ago, Marthy has developed a very keen & passionate interest for all things Marine! The @angleseyseazoo can vouch for this!!!!
SCIENCE
Thomas Oliver \U0001f41d
Thomas Oliver 🐝...
@thomasroliveruk
Neonicotinoids and why they need to stay banned 🐝

#SciComm #ScienceTwitter #SaveTheBees #ClimateEmergency #ClimateCrisis


Neonicotinoids were banned by the EU in 2018 following multiple scientific studies which proved their severe detrimental impact on pollinators. Effects from neonics include reduced immune function, reduced foraging capabilities, and impaired cognition in bees.


The government has approved neonics for emergency use as a seed treatment on sugar beet. Yields have been impacted by beet yellows, transmitted by aphids. They argue that, because sugar beet does not flower and will not attract pollinators, the risk from neonics is acceptable.


Since the ban on neonics in 2018, the infection rate of beet yellows has increased year on year. Aphid populations have been proliferating due to mild winters, with no agrochemicals to solve the problem.

Sounds like a good case for neonics, right?


But this is the start of a vicious cycle. Climate change isn't going away. Winters will continue to get milder, resulting in the need for more and more pesticides to combat growing pest problems. Inevitably, this won't be the last time neonics are authorised for emergency use.
SCIENCE

You May Also Like

Muhammad Tukur
Muhammad Tukur
@emtukur
Assalam Alaiki dear Sister in Islam. I hope this meets you well. Hope you are keeping safe in this pandemic. May Allah preserve you and your beloved family. I would like to address the misconception and misinterpretation in your thread. Please peruse the THREAD below.


1. First off, a disclaimer. Should you feel hurt by my words in the course of the thread, then forgive me. It’s from me and not from Islam. And I probably have to improve on my delivery. And I may not quote you verbatim, but the intended meaning would be there. Thank You!

2. Standing on Imam Shafii’s quote: “And I never debated anyone but that I did not mind whether Allah clarified the truth on my tongue or his tongue” or “I never once debated anyone hoping to win the debate; rather I always wished that the truth would come from his side.”

3. Okay, into the meat (my love for meat is showing. Lol) of the thread. Even though you didn’t mention the verse that permitted polygamy, everyone knows the verse you were talking about (Q4:3).


4. Your reasons for the revelation of the verse are strange. The first time I came across such. I had to quickly consult the books on the exegeses or tafsir of the Quran written by renowned specialists!
RELIGION
Bharadwaj
Bharadwaj
@BharadwajSpeaks
Thread.

Recently, Harsimrat Kaur @HarsimratBadal_ claimed in parliament that Guru Tegh Bahadur protected the religion of Hindus despite of being a Non-Hindu. And Hindus owe a huge favor to others.

In this thread, I will show that Guru Tegh Bahadur was every inch a Hindu!

Let us begin with some contemporary sources.

Guru Tegh Bahadur visited the holy Triveni at Prayaga in 1662 CE.

This visit is documented in contemporary Bhat Vahi records.

Unlike those unpublished "bhat vahis", this one was published by Sikh historian Madanjit Kaur (1978)


This Bhat Vahi was signed by Guru Tegh Bahadur.

The content of the letter is particularly striking.

Guru Tegh Bahadur calls himself a devotee of Naina Devi.

Note. A devotee of Naina Devi. He does not mention Akal Purakh or Waheguru.


In the record, Guru Tegh Bahadur identifies himself as Sodhi Khatri by Varna and Kaushish by gotra.

This is exactly how the followers of orthodox Hinduism identify themselves to this date!


Further, Guru Tegh Bahadur appoints a brahmin purohit named Bhoj Raj.

He orders Sodhis of his line and all his Sikh followers to obey the aforementioned Brahmin Purohit.

This practice of appointing purohits is just what is referred to by some people as "Brahmanical Hinduism"
ALL , INDIA
Advertisement
Seth Abramson
Seth Abramson
@SethAbramson
(MAJOR NOTE) The reason Manafort took over Trump's campaign in just 3 weeks despite being hired as a mere delegate counter is that ROGER STONE initiated a whisper campaign against Corey Lewandowski. That campaign started...days after Manafort returned from meeting with WikiLeaks.

2/ Stone and Manafort are longtime business partners; we'd expect Manafort to tell Stone what Assange told him, and for him to expect Stone to then pressure the campaign not only to hire him but quickly elevate him.

And who was Stone in touch with at the campaign? Trump himself.

3/ I bet you Manafort's late March emails are very interesting and that some of them are to/from his longtime business associate Roger Stone. And I bet Roger Stone's late March phone calls are very interesting and that some of them are to/from his longtime friend Donald Trump.

4/ At the end of March 2016, Trump suddenly convenes a NatSec meeting. At that meeting he directs his NatSec team to change the RNC platform in July to benefit Putin. Who later takes credit for that change?

Paul Manafort's business associate, Kremlin agent Konstantin Kilimnick.

5/ Why did Donald Trump suddenly convene a NatSec meeting 3 days after he finally hired Manafort? Why did he issue a pro-Kremlin directive at that meeting that Manafort's camp would later take credit for? What did Manafort tell Trump in the days leading up to that NatSec meeting?
POLITICS
Dr Catherine Pemble is #SocialDistancing
Dr Catherine Pemble is...
@CatherinePemble
Right, screw it. Here's a thread on *that* FBLive by Alex Cairnie about #Govanhill. Lets do a watch-through shall we? (Mind, I'm a resident of Govanhill, and a sociologist. I'm also 5'3, and a visibly queer woman so if half his claims are true I should be living in terror)

00:30: Welcomes viewers and uses points out that his videos are only getting attention b/c they're 'horrific'. Directs folk to his Youtube page. So already clout hunting.

1:08: "I've been warned to stay out of Govanhill. I'm a marked man" (proceeds to use a beanie as a disguise)

1:30 "Laughing and joking aside, here's somebodys front garden." Proceeds to show litter and claim its thrown from windows and this is 'common'. I know a handful of streets with litter issues like this, but its neither common nor unique to #govanhill and other deprived areas.

2:10 "Don't be under any illusion I'm only showing you the bad bits" - only shows you the bad bits.

3:45: He's had offers of help, but hes said no because hes not responsible for 'anybody elses safety' Good lord.

5:01: "Its not that bad. But its not all good either" -Correct

6:00: TW: child abuse - He starts claiming to have been contacted by a health professional and told about child abuse 'in the area'. Huge ethical issues here as the 'professional' who has 'been in the game a long time' is reporting to Facebook Dude and not authorities.
HEALTH
Stephen Fasenfeld \U0001f600
Stephen Fasenfeld 😀...
@fasenfeld
1. “Who Are Ireland’s Members Of The World Economic Forum Implementing The Great Reset In 2021 ? 🧵1/28

🕵️🔎 Politicians, Musicians, Clergy, Bankers, Journalists, Human Rights, Artificial Intelligence, Sustainability, Corporations & Agriculture


2. In previous threads I have looked at 🇮🇪 key players in the Trilateral Commission as well as 🇮🇪 people who have attended the Bilderberger meetings. I also looked at the 🇮🇪 in the Young Global Leaders which is a site run by the WEF. You will see a lot of crossover between them.

3. The purpose of this thread is to compile all the Irish members into one thread for ease of access and reading rather than having to dive through the WEF site. This is by no means definitive and I will be adding more over time when they pop out of the woodwork.

4. Ireland’s WEF members are drawn from all walks of life but can be split into 2 separate areas. The WEF calls the first category “people” and the 2nd one “agenda contributors”. In total Ireland has a minimum of 61 members. Some of the names will be familiar and others will not

5. In this thread I’m just going to concentrate on the 21 people (there are probably a lot more). There are also 40 “agenda contributors” which I will cover in a separate thread. The agenda contributors are those who write articles or do research for the WEF site.
ECONOMY