Peter Eckersley - Slashdot User

Submission + - 13 things that tech companies can do to fight coronavirus (stop-covid.tech)

Submitted by Peter Eckersley on Wednesday March 11, 2020 @10:59PM

Peter Eckersley writes: Last week we gathered a group of technologists, epidemiologists and medical practitioners to draft a list of steps that tech companies could take to mitigate the coronavirus at scale. Encouragingly, there has been substantial progress on many of these items, though several of the major goals will require a lot more effort and commitment from particular tech companies or Silicon Valley as whole.

Submission + - SafeLife: AI Safety Benchmarks based on Conway's Game of Life (partnershiponai.org)

Submitted by Peter Eckersley on Wednesday December 04, 2019 @08:12AM

Peter Eckersley writes: The Partnership on AI (PAI) is today releasing SafeLife – a novel reinforcement learning environment that tests the safety of AI agents and the algorithms that train them. SafeLife version 1.0 focuses on the problem of avoiding negative side effects—how can we train an agent to do what we want it to do but nothing more? The environment is based on Conway's Game of Life which gives it simple rules, but rich and complex dynamics, and generally gives the agent lots of power to make big changes on its way to completing its goals. A safe agent will only change that which is necessary, but an unsafe agent will often make a big mess of things and not know how to clean it up. AI agents, or human players, get separate scores for performance which — AI does quite well at — and avoidance of sife effects, which remains a largely unsolved research problem.

If you want to try out SafeLife for yourself, you can download the code and try playing some of the puzzle levels. If you’d like to see how to create an AI to play SafeLife, additional details about the environment and our initial agent training can be found in the project's first research paper.

Submission + - How Militaries Should Plan for AI (eff.org)

Submitted by Peter Eckersley on Tuesday August 14, 2018 @02:05PM

Peter Eckersley writes: Google backed away from building AI systems for the US military, and some other Silicon Valley firms may follow them. But the DOD has plenty of budget and defense contractors to build neural networks into drones and other weapons. Should they? EFF is tackling that question with a new white paper: The Cautious Path to Strategic Advantage: How Militaries Should Plan for AI

Submission + - Thinking carefully about Google's military AI projects (eff.org)

Submitted by Peter Eckersley on Thursday April 05, 2018 @04:48PM

Peter Eckersley writes: Yesterday the New York Times reported that there is widespread unrest amongst Google's employees about the company's work on a US military project called Project Maven. Google has claimed that its work on Maven is for "non-offensive uses only", but it seems that the company is building computer vision systems to flag objects and people seen by military drones for human review. This may in some cases lead to subsequent targeting by missile strikes. EFF has been mulling the ethical implications of such contracts, and we have some advice for Google and other tech companies that are considering building military AI systems.

Comment Re:I can summarize (Score 2) 48

by Peter Eckersley on Tuesday June 20, 2017 @05:46PM (#54656793) Attached to: EFF Launches New AI Progress Measurement Project

That was true in the past, but it just isn't true of the recent progress in machine learning. Take a look at the data we've collected on problems like visual question answering, reading comprehension or learning to play Atari just by watching the screen, and you'll see that progress is happening in domains that either lack rigid rules, or where the rigid rules are non-trivial to discover.

Submission + - EFF launches new AI progress measurement project (eff.org)

Submitted by Peter Eckersley on Tuesday June 20, 2017 @03:05PM

Peter Eckersley writes: There's a lot of real progress happening in the field of machine learning and artificial intelligence, and also a lot of hype. These technologies already have serious policy implications, and may have more in the future. But what's the ratio of hype to real progress? At EFF, we decided to find out.

Today we are launching a pilot project to measure the progress of AI research. It breaks the field into a taxonomy of subproblems like game playing, reading comprehension, computer vision, and asking neural networks to write computer programs, and tracks progress on metrics across these fields. We're hoping to get feedback and contributions from the machine learning community, with the aim of using this data to improve the conversations around the social implications, transparency, safety, and security of AI.

Submission + - EFF needs your help to stop Congress dismantling Internet privacy protections! (eff.org)

Submitted by Peter Eckersley on Tuesday March 21, 2017 @08:08PM

Peter Eckersley writes: Last year the FCC passed rules forbidding ISPs (both mobile and landline) from using your personal data without your consent for purposes other than providing you Internet access. In other words, the rules prevent ISPs from turning your browsing history into a revenue stream to sell to marketers and advertisers. Unfortunately, members of Congress are scheming to dismantle those protections as early as this week. If they succeed, ISPs would be free to resume selling users' browsing histories, pre-loading phones with spyware, and generally doing all sorts of creepy things to your traffic.

The good news is, we can stop them. We especially need folks in the key states of Alaska, Colorado, Maine, Montana, Nevada, Ohio, and Pennsylvania to call their senators this week and tell them not to kill the FCC's Broadband Privacy Rules.

Together, we can stop Congress from undermining these crucial privacy protections.

Submission + - EFF: Does DARPA's Cyber Grand Challenge Need A Safety Protocol? (eff.org)

Submitted by Peter Eckersley on Thursday August 04, 2016 @08:28PM

Peter Eckersley writes: At this year's DEFCON hacker conference, DARPA is running a contest called the Cyber Grand Challenge, which essentially involves teaching AI systems to break into computers. In a blog post today, EFF is asking, does research like that need a safety protocol?

Submission + - Anouncing Certbot: EFF's client for Let's Encrypt (eff.org)

Submitted by Peter Eckersley on Thursday May 12, 2016 @06:02PM

Peter Eckersley writes: EFF has just launched Certbot, which is the next iteration of the Let's Encrypt client. It's a powerful tool for obtaining TLS/SSL certificates from Let's Encrypt, and (if you wish) automatically installing them to enable and tune HTTPS on your website. It's extensible, and supports a rapidly-growing range of server software. Install Certbot, and help us encrypt the Web today!

Comment Re:interesting (Score 3, Informative) 63

by Peter Eckersley on Friday December 18, 2015 @06:15PM (#51146607) Attached to: EFF Launches Panopticlick 2.0

Well, our source code is available so you can check that we do not monitor what you do with your privacy :). But if you don't like Privacy Badger, try Disconnect, ublock, AdAway, AdBlock or Adblock Plus(though you'll need to manually subscribe to Easy Privacy for AB and ABP)!

Comment Re:doesn't work without javascript (Score 3, Informative) 63

by Peter Eckersley on Friday December 18, 2015 @06:08PM (#51146567) Attached to: EFF Launches Panopticlick 2.0

Yes our simulation of third party tracking involves visiting three synthetic first party domains that share a third party tracker. That works if you have various types of blockers installed, or if JavaScript is disabled. But if you have a browser that both blocks JS and blocks redirects or blocks absolutely all loads of tracking domains (eg via an /etc/hosts blacklister like AdAway), the test won't work. Congratulations, you have pretty good protections in place :)

We're going to provide a fingerprinting-only URL for Panopticlick 2 that works even for people with a NoScript + AdAway or NoScript + redirect blocking, will post a link on the site when it's ready.

Submission + - Is your browser safe from Web tracking? (eff.org)

Submitted by Peter Eckersley on Thursday December 17, 2015 @07:50PM

Peter Eckersley writes: Today EFF has launched Panopticlick 2.0. In addition to measuring whether your browser exposes unique — and therefore trackable — settings and configuration to websites, the site can now test if you have correctly configured ad- and tracker-blocking software. Think you have correctly configured tracker-blocking software? Visit Panopticlick to test if you got it right.

Submission + - Let's Encrypt is now in Public Beta (eff.org)

Submitted by Peter Eckersley on Thursday December 03, 2015 @02:24PM

Peter Eckersley writes: As of today, Let's Encrypt is in Public Beta. If you're comfortable running beta software that may have a few bugs and rough edges, you can use it to instantly obtain and install certificates for any HTTPS website or TLS service. You can find installation instructions here.

Comment Re:Shared hosting... (Score 1) 212

by Peter Eckersley on Tuesday November 18, 2014 @05:54PM (#48413829) Attached to: Launching 2015: a New Certificate Authority To Encrypt the Entire Web

We'll try to give site operators a configurable choice of multiple solutions -- certificates with multiple Subject Alternative Names (SANs); per-site certificates deployed using Server Name Indication (SNI); IPv4 addresses per site if you have enough; or IPv6 addresses per site.

All of these solutions have different problems and limitations:

If mutliple-SAN certs get too large, they cause performance problems, and some clients may not be able to handle them
SNI isn't supported by Safari and older IE on Windows XP, or more alarmingly by Android below 4.x
IPv4 addresses are scarce and costly
Many clients still can't route IPv6

Sophisticated hosting platforms may want to use all of these methods in combination.

Comment Re:quick question (Score 5, Informative) 212

by Peter Eckersley on Tuesday November 18, 2014 @04:02PM (#48413011) Attached to: Launching 2015: a New Certificate Authority To Encrypt the Entire Web

Actually the US Department of Defense and dozens of other governments have their own CAs with which they could issue a certificate for your domain, if they wished to. Here's a map we made of them using our SSL Observatory datasets.

Nonetheless we should be able to use publication mechanisms such as Certificate Transparency to ensure that any compromise or compulsion of the Let's Encrypt CA could be quickly detected.

Slashdot Top Deals