BC SCIENCE
Saved by @ThomassRichards

Next up at #enigma2021, Sanghyun Hong will be speaking about "A SOUND MIND IN A VULNERABLE BODY: PRACTICAL HARDWARE ATTACKS ON DEEP LEARNING"

(Hint: speaker is on the

 In recent years ML models have worked from research labs to production, which makes ML security important. Adversarial ML research studies how to mess with ML
For example by messing with the training data (c.f. Tay which became super-racist super-fast) or by foiling ML models by changing inputs in ways humans can't see.
Prior work considers ML models in a standalone, mathematical way
* looks at the robustness in an isolated manner
* doesn't look at the whole ecosystem and how the model is used -- ML models are running in real hardware with real software which has real vulns!
This talk focuses on hardware-level vulnerabilities. This is particularly interesting because these can break cryptographic guarantees (because those are outside of their threat models)
e.g. fault injection attacks, side-channel attacks
Recent work targets The Cloud
* co-location of VMs from different users
* weak attackers with less subtle control

The cloud providers try to secure things, e.g. protections against Rowhammer
But can you use the weak attacks left after mitigations deployed by cloud compute providers?
DNNs are resilient to numerical perturbations: this is used both to make things more efficient (e.g. pruning) but also in security it's really hard to make accuracy drop

... BUT this focuses on the average or best case, not the worst cast!
What happens when you can mess with the memory at one of these steps?
* negligible effect on the average case accuracy
* but flipping one bit can make significant amount of damage for particular queries

How much damage can a single bit flip cause?
Try it out!
tl;dr in general, one bit flip can really mess with your model! (Looked for the worst bit to flip)
Well, can you use this? There's a lot less control in real life

Some strong attackers might be able to hit an "achilles" bit (one that's really going to mess with the model), but weaker attackers are going to hit bits more randomly.
So they tried it out!
tl;dr running a pretty weak Rowhammer attack is enough to mess with a ML model being trained.
How about side-channel attacks?

The attacker might want to get their hands on fancy DNNs which are considered trade secrets and proprietary to their creators. They're expensive to make! They need good training data! People want to protect them!
Prior work required that the ML-model-trainer uses an off-the-shelf architecture. But people often don't for the fancy models. So what this work does [... if I'm following correctly] is to basically guess from a lot of architecture possibilities and then filter it down
Why is this possible? Because there are regularities in deep-learning calculation.

Does this work? Apparently so: they tried it out using a cache side-channel attack and got back the architectures of the fancy DNN back.
This needs more study
* we need to understand the worst-case ML fails under hardware attack
* don't discount the ability of an attacker with access to a weak hardware attack to cause a disproportionate amount of damage
You can find a writeup of this research at https://t.co/qUx8nAHW52

[end of talk]

More from Lea Kissner

Lea Kissner
Lea Kissner
@LeaKissner
Last talk about Securing Democracy at #enigma2021: @jackhcable speaking about "THE FULL STACK PROBLEM OF ELECTION

Let's imagine that elections use all the security measures security people have been advocating: risk-limiting audits, paper ballots, etc. Would people trust the elections more?

Jack would argue no. Most people don't understand this stuff and most of the claims people are making can't be disproven. And are massively bogus already.

Georgia did a full recount on paper ballots and it very much didn't stop people from doubting the election!

Are election security results in vain? The point of election security is to convince the loser they lost.

No! Have to focus on the whole stack, from election infrastructure to campaigns to people and mis/dis-informaton


One takeaway from the talk: the parts of the stack must work in tandem. Can't fight misinformation in a vacuum, but must build on other election security measures.
POLITICS
Lea Kissner
Lea Kissner
@LeaKissner
In more Securing Democracy at #enigma2021, @ChrFolini talking about "THE ADVENTUROUS TALE OF ONLINE VOTING IN

Switzerland is a direct democracy where citizens get to vote at least 4x/year, with a lot of mail-in voting. We have a long history of online voting.

Disclaimer: THIS IS NOT SWEDEN.

[I get the picture that @ChrFolini has had to explain the difference several times.]


Process around mail-in ballots.

[tl;dr it's very complicated and wasn't threat-modeled until recently]


But the in-person ballots are complicated, too!


Most security folks don't think that we can't make a secure online voting system.

@ChrFolini says this is because of encryption
[Note: this is not the main reason that a lot of people cite -- we're more worried about things like malware but it's complicated]
WORLD
Advertisement
Lea Kissner
Lea Kissner
@LeaKissner
Last up in Privacy Tech for #enigma2021, @xchatty speaking about "IMPLEMENTING DIFFERENTIAL PRIVACY FOR THE 2020

Differential privacy was invented in 2006. Seems like a long time but it's not a long time since a fundamental scientific invention. It took longer than that between the invention of public key cryptography and even the first version of SSL.


But even in 2020, we still can't meet user expectations.
* Data users expect consistent data releases
* Some people call synthetic data "fake data" like
"fake news"
* It's not clear what "quality assurance" and "data exploration" means in a DP framework


We just did the 2020 US census
* required to collect it by the constitution
* but required to maintain privacy by law

But that's hard! What if there were 10 people on the block and all the same sex and age? If you posted something like that, then you would know what everyone's sex and age was on the block.
TECH , TEACH
Lea Kissner
Lea Kissner
@LeaKissner
Next up in Privacy Technology at #enigma2021, Kelly Huang from @ethyca speaking about "GONE, BUT NOT "FORGOTTEN"—TECHNICAL & PRACTICAL CHALLENGES IN OPERATIONALIZING MODERN PRIVACY

Just imagine there's a global pandemic forcing everyone to stay home and buy their stuff over the internet. And you've been working on your sanitization-on-demand startup. You've got more users than you can count! ... literally, because your data's all over.

Now you're a multi-national international country with privacy issues because your information is all over the place.

Now a user writes to request you delete their data. Where is it? How do you do that? Who's responsible for privacy in your business.

How do you operationalize privacy rights?

Primary stakeholders:
* Legal
* Business
* Engineering

We spend a lot of time on Twitter analyzing the legal rulings, but it's harder where the "rubber meets the code" 🥁
TECH
Lea Kissner
Lea Kissner
@LeaKissner
We're kicking off the Privacy Tech session at #enigma2021 with Mitch Negus speaking about "NO DATA, NO PROBLEM—GIVING NUCLEAR INSPECTORS BETTER TOOLS WITHOUT REVEALING STATE

A nuclear catastrophe hasn't occurred... yet. So we need to stay vigilant. Nuclear inspectors go in according to treaties to check what's going on and check compliance with treaty rules.

But as sophisticated analytics become more common, states will only want to share the minimum amount of information necessary under the treaty.

But perhaps we can use MPC -- secure multi-party computation

Yao's garbled circuits were first demonstrated on the millionaire's problem -- figuring out who's richer without revealing actual amounts.

Used for other things like cryptocurrency these days.

Can we use this for nuclear inspection?

MPC can be used to compute anything computed by a computer [but it's expensive!]
TECH

More from Science

Sean Carroll
Sean Carroll
@seanmcarroll
Hugh Everett's birthday! Pioneer of the Many-Worlds Interpretation of quantum mechanics. Let us celebrate by thinking about ontological extravagance. I will do so by way of analogy, because I have found that everyone loves analogies and nobody ever willfully misconstrues them.


We look at the night sky and see photons arriving to us, emitted by distant stars. Let's contrast two different theories about how stars emit photons.

One theory says, we know how stars shine, and our equations predict that they emit photons roughly uniformly in all directions. Call this the "Many-Photons Interpretation" (MPI).

But! Others object. That is *so many photons*. Most of which we don't observe, and can't observe, since they're moving away at the speed of light. It's too ontologically extravagant to posit a huge number of unobservable things!

So they suggest a "Photon Collapse Interpretation." According to this theory, the photons emitted toward us actually exist. But photons that would be emitted in directions we will never observe simply collapse into utter non-existence.
SCIENCE
Brahmasri Samavedam Shanmukha Sarma
Brahmasri Samavedam Sh...
@SriSamavedam
The distinction of measuring the time in a scientific manner is achieved only by Bhāratīyas. Time has been measured from the smallest dimension to infiniteness. Even Time is envisioned as God and venerated. Paramēśvara was extolled as ‘Mahākāla’, the very embodiment of Time.


Nārāyaṇa Upaniṣad envisages Nārāyaṇa as ‘Kālaśca Nārāyaṇa:’, the very embodiment of Time, ages ago. The measurement of Time by Bhāratīyas is as ancient as the very God Himself. Count of many future ages has also been done even from very ancient times.

Since these calculations aren't dependent upon the birth & death of any individual, but are done based on astronomical science, they are thoroughly scientific. Unfortunately, during the British rule, the Bhāratīya way of Time measurement was casted as an illusion...

...with an evil intention to establish their command. Though it is 70+ years since independence, blindly time is still measured as BC & AD or CE in this religion-less land without even making any attempt to comprehend the magnanimity of Bhāratīya Time measurement methods.


Time measurement based on inhalation and exhalation : (image)
SCIENCE
Advertisement
Navin Kabra
Navin Kabra
@NGKabra
Did you know that all the nuclear bombs we exploded in the '40s-50s-60s have permanently contaminated all the steel the world has produced since then? All steel in the world is divided into two categories: pre-1945 non-contaminated steel, and post-1945 contaminated steel.

How?

Nuclear bombs (including the tests) create a lot of radioisotopes that are not found in nature. For example Cobalt-60 (a radioactive version of Cobalt-59). And since the 1945 Trinity test, these have all dispersed in the atmosphere.

What does this have to do with steel?

The process of manufacturing steel uses atmospheric air (or atmospheric oxygen). Some of the radioisotopes like Cobalt-60 get pulled in too, and as a result, any steel produced after 1945 has embedded in it some of these radioisotopes, sitting there emitting gamma rays.

Why do we care about traces of radioisotopes in steel? When making Geiger counters, or medical devices to check for radioactive contamination, or astronomical instruments, the emissions from the contaminated steel would interfere with the measurements.

So we need pre-1945 steel

Pre-1945 non-contaminated steel is called "low background steel". And when we need it, where do we get it from?

We go, find pre-World-War-II sunken shipwrecks, and then salvage the steel (and lead) from those to build our instruments which need heavy radiation shielding.
SCIENCE
Black Hole Group
Black Hole Group
@BlackHolesUSP
Today, we are bringing other exciting results involving black holes and AI. We released a new paper:

"Black Hole Weather Forecasting with Deep Learning: A Pilot Study"

Work by Roberta Duarte (@import_robs), Rodrigo Nemmen (@nemmen) and João Paulo Navarro (from @NVIDIABrasil).

The authors used deep learning to simulate the dynamics of gas accreting onto a black hole, i.e., black hole weather forecasting.

They trained the model (U-Net) with frames from numerical solutions of the hydrodynamical equations.

Numerical simulations are time-consuming. A simple simulation can take as long as 7 days to finish. If we go with more complex simulations, this time may increase.

We want to investigate if deep learning can be a new method to simulate accurately in less time!


In the paper, they discussed two examples:

1- The model simulating only one system after learning only from this system
2- The model simulating an unseen system after training with several systems with different initial conditions

In the first example, they trained the model with a single system and analyzed how the model simulates by iterative predictions.

The result is that the model can simulate up to 8e4 gravitational time accurately with a speed-up of 30000x faster!
SCIENCE
Matthew Salganik
Matthew Salganik
@msalganik
Announcing the 2021 Summer Institutes in Computational Social Science. #SICSS is for grad students, post-docs & beginning faculty. Free for participants. @chris_bail and I are happy to tell you about all 20 locations. https://t.co/wolhtZIMc5 [thread]


SICSS brings together social scientists & data scientists interested in computational social science for 1-2 week events with intensive study & collaborative research.

Topics covered include automated text analysis, web scraping, non-probability sampling, digital experiments, ethics & much more.

All education materials created for SICSS are available open-source so that people who are unable to participate can still learn. You can also use them in your teaching. Here are materials from previous years:

Because of COVID, all SICSS locations will be online only in 2021.
SCIENCE

You May Also Like

Mrkhtake2
Mrkhtake2
@mrkhtake2
Today we’re going to talk statistics and semantics. I’m going to do so via the medium of one of Twitter’s favourite stats 1.7% (aka “intersex is as common as red heads.”). The statistic comes from Fausto-Sterling’s work, which you can see a review of

To understand the statistic, we have to drill down into what the meaning of the word intersex is. Most people think of hermaphrodites. Let’s stress at the beginning there has been no example ever of a human being with both sets of working reproductive organs.

There is a very tiny percentage of people who are born with both testicular and ovarian tissue (what Fausto-Sterling calls “true hermaphrodites”). And when I say tiny, we’re talking intersex tiny, as in 0.0117/1,000 live births, or one in 1,000,000. These are very complex cases.

So, how do we arrive at 1.7%? What Fausto-Sterling does is apply a wider scope. Instead, she argues that intersex is anything that doesn’t fit into a platonic ideal. The platonic ideal, in this case, being a phenotypically perfect XX female and a phenotypically perfect XY male.

This means that intersex, used in the context of the 1.7% statistic, includes people for whom there is no sexual ambiguity. Take for example Klinefelter syndrome (XXY males). As Fausto-Sterling acknowledges, many males can go their whole life and not realise they are XXY.
TECH
Mike DiCenzo
Mike DiCenzo
@mikedicenzo
"How the Avengers would respond to the Capitol riot" (a thread)

CAPTAIN AMERICA - tells Falcon, "I fought Nazis once before. They're extremely dangerous." They then see the guy scaling the Capitol wall fall into the shrubs. Falcon: "You sure these are the same Nazis?"

IRON MAN - lands by the guy carrying the podium. Says, "Mind if I borrow this?" then tosses it to Hulk, who swings it like a bat at the mob. Guy: "Hey, that's MY podium!" Iron Man: "Actually it's the Speaker's. And technically, it's a lectern." Then punches him through a wall.

BLACK WIDOW - enters hotel room where Jack Dorsey is tied up. Rips duct tape off his mouth. Jack: "I'll do anything you want!" BW: "Disable POTUS's Twitter. NOW!" Jack fumbles with his phone. "Done. Anything else?" BW: "Yeah. Trim your beard for God's sake." *tosses him clippers*

HULK - grabs a selfie stick from one of the guys and beats him over the head with it. Deeming it too small, he grabs another guy's Confederate flag and takes out a whole swath of rioters. He then tosses the flag to Cap, who uses it as a javelin to impale a fleeing Ted Cruz.

HAWKEYE - hears Iron Man in his earpiece say, "Looks like Orange Julius is tweeting from another account." Hawkeye: "On it." He locks in on Trump through the White House window and fires an arrow, knocking the phone out of Trump's hands. Hawkeye: "Damn that felt good."
GOVERNMENT
Advertisement
Chris Herd
Chris Herd
@chris_herd
I've spoken to 1,500+ people about remote work in the last 9 months

A few predictions of what is likely to emerge before 2030

[ a thread ] 💻🏠🌍

🚜 Rural Living: World-class people will move to smaller cities, have a lower cost of living & higher quality of life

These regions must innovate quickly to attract that wealth. Better schools, faster internet connections are a must

⏰Asynchronous Work: Offices are instantaneous gratification distraction factories where synchronous work makes it impossible to get stuff done

Tools that enable asynchronous work are the most important thing globally remote teams need. A lot of startups will try to tackle this

⚽️Hobbie Renaissance: Remote working will lead to a rise in people participating in hobbies and activities which link them to people in their local community

This will lead to deeper, more meaningful relationships which overcome societal issues of loneliness and issolation

🌍Diversity & Inclusion: The most diverse and inclusive teams in history will emerge rapidly

Companies who embrace it have a first-mover advantage to attract great talent globally. Companies who don't will lose their best people to their biggest competitors
REMOTE WORK
Novid Houellebecq (That's Hollaback)
Novid Houellebecq (Tha...
@GarouGothic
Ok, here is a thread for you.
What happens when you have:
Netflix
Apple
Amazon
WarnerMedia +
Disney+
SonyCrackle (Reboot)
Verizon All Access (after they buy CBS/Viacom)
UniversalSkyMedia
By 2021
Answer? Internet Slows To A Craw and Dies.
Why?
Bandwidth.

Netflix's gets 35% of all internet traffic.
Now we all know Apple Coming to Netflix Corner.
We know that WarnerMedia Planning One
We Know about Disney+
Now how will the net handle 8 Streaming Platforms all at once?
Answer - IT CANT.

But Novid, the speed, the 4K the all everything?
NOOOOO BUDDY.
Even if you could do it and even if AWS ran six million clouds, The Net Will still slow to a crawl. 35%, goes to nearly 90% if any of the 8 or all of the 8 eat at netflix's numbers.

Oh, they wouldn't be running at once.
FOOL. You forget how bad things were when game of thrones season premieres came around. HBO SERVERS FALL DOWN GO BOOM!

Now see if a season like 2021 come around and they air shows on a same day. It gets crazy. AT&T and others gonna realize they cant build out forever. Something will give and it might be your entertainment consumption big time.
TECH
David Neiwert
David Neiwert
@DavidNeiwert
1) “Eliminationism” is a term you need not just to become familiar with, especially in today’s American rush toward authoritarianism. This will be a long, illustrated thread explaining what it means, how it works, and why Donald Trump is now our Eliminationist in Chief.


Warning: Some images contain violence and are disturbing.

Also warning: This thread is ridiculously long. 75 tweets is insane. I apologize. But this stuff is important. I hope you find it compelling anyway. If not, I understand.

2) So, what exactly do we mean by “eliminationism”? Here’s the academic definition:


3) It was largely coined by Holocaust scholar Daniel Jonah Goldhagen in his 1996 book Hitler’s Willing Executioners, about the role ordinary Germans played in the Holocaust, which he described as fueled by “eliminationist antisemitism.”


4) The book describes how in reality the largest numbers of Jews and other victims killed by Nazi directive were rounded up and gunned down or immolated en masse and buried in mass graves by ordinary Germans and non-Jewish residents of German-occupied territories.
SOCIETY