Back in January, Google Health, the branch of Google focused on health-related research, clinical tools, and partnerships for health care services, released an AI model trained on over 90,000 mammogram X-rays that the company said achieved better results than human radiologists. Google claimed that the algorithm could recognize more false negatives — the kind of images that look normal but contain breast cancer — than previous work, but some clinicians, data scientists, and engineers take issue with that statement. In a rebuttal published today in the journal Nature, over 19 coauthors affiliated with McGill University, the City University of New York (CUNY), Harvard University, and Stanford University said that the lack of detailed methods and code in Google’s research “undermines its scientific value.”
Science in general has a reproducibility problem — a 2016 poll of 1,500 scientists reported that 70% of them had tried but failed to reproduce at least one other scientist’s experiment — but it’s particularly acute in the AI field. At ICML 2019, 30% of authors failed to submit their code with their papers by the start of the conference. Studies often provide benchmark results in lieu of source code, which becomes problematic when the thoroughness of the benchmarks comes into question. One recent report found that 60% to 70% of answers given by natural language processing models were embedded somewhere in the benchmark training sets, indicating that the models were often simply memorizing answers. Another study — a meta-analysis of over 3,000 AI papers — found that metrics used to benchmark AI and machine learning models tended to be inconsistent, irregularly tracked, and not particularly informative.
In their rebuttal, the coauthors of the Nature commentary point out that Google’s breast cancer model research lacks details, including a description of model development as well as the data processing and training pipelines used. Google omitted the definition of several hyperparameters for the model’s architecture (the variables used by the model to make diagnostic predictions), and it also didn’t disclose the variables used to augment the dataset on which the model was trained. This could “significantly” affect performance, the Nature coauthors claim; for instance, it’s possible that one of the data augmentations Google used resulted in multiple instances of the same patient, biasing the final results.
NVIDIA Research has invented a way to use AI to dramatically reduce video call bandwidth while simultaneously improving quality.
What the researchers have achieved has remarkable results: by replacing the traditional h.264 video codec with a neural network, they have managed to reduce the required bandwidth for a video call by an order of magnitude. In one example, the required data rate fell from 97.28 KB/frame to a measly 0.1165 KB/frame – a reduction to 0.1% of required bandwidth.
The mechanism behind AI-assisted video conferencing is breathtakingly simple. The technology works by replacing traditional full video frames with neural data. Typically, video calls work by sending h.264 encoded frames to the recipient, and those frames are extremely data-heavy. With AI-assisted video calls, first, the sender sends a reference image of the caller. Then, instead of sending a stream of pixel-packed images, it sends specific reference points on the image around the eyes, nose, and mouth.
A generative adversarial network (or GAN, a type of neural network) on the receiver side then uses the reference image combined with the keypoints to reconstruct subsequent images. Because the keypoints are so much smaller than full pixel images, much less data is sent and therefore an internet connection can be much slower but still provide a clear and functional video chat.
In the researchers’ initial example, they show that a fast internet connection results in pretty much the same quality of stream using both the traditional method and the new neural network method. But what’s most impressive is their subsequent examples, where internet speeds show a considerable degradation of quality using the traditional method, while the neural network is able to produce extremely clear and artifact-free video feeds.
The neural network can work even when the subject is wearing a mask, glasses, headphones, or a hat.
With this technology, more people can enjoy a greater number of features all while using monumentally less data.
But the technology use cases don’t stop there: because the neural network is using reference data instead of the full stream, the technology will allow someone to even change the camera angle to appear like they are looking directly at the screen even if they are not. Called “Free View,” this would allow someone who has a separate camera off-screen to seemingly keep eye contact with those on a video call.
NVIDIA can also use this same method for character animations. Using different keypoints from the original feed, they can add clothing, hair, or even animate video game characters.
Using this kind of neural network will have huge implications for the modern workforce that will not only serve to relieve strain on networks, but also give users more freedom when working remotely. However, because of the way this technology works, there will almost certainly be questions on how it can be deployed and lead to possible issues with “deep fakes” that become more believable and harder to detect.
The Jetson Nano 2GB Developer Kit, announced this week, is a single-board computer – like the Raspberry Pi – though geared towards machine learning rather than general computing. If you like the idea of simple AI projects running on a dedicated board, such as building your own mini self-driving car or an object-recognition system for your home, this one might be for you.
It runs Nvidia CUDA code and provides a Linux-based environment. At only $59 a pop, it’s pretty cheap and a nifty bit of hardware if you’re just dipping your toes in deep learning. As its name suggests, it has 2GB of RAM, plus four Arm Cortex-A57 CPU cores clocked at 1.43GHz and a 128-core Nvidia Maxwell GPU. There are other bits and pieces like gigabit Ethernet, HDMI output, a microSD slot for storage, USB interfaces, GPIO and UART pins, Wi-Fi depending on you region, and more.
“While today’s students and engineers are programming computers, in the near future they’ll be interacting with, and imparting AI to, robots,” said Deepu Talla, vice president and general manager of Edge Computing at Nvidia. “The new Jetson Nano is the ultimate starter AI computer that allows hands-on learning and experimentation at an incredibly affordable price.”
In the endlessly escalating war between those striving to create flawless deepfake videos and those developing automated tools that make them easy to spot, the latter camp has found a very clever way to expose videos that have been digitally modified by looking for literal signs of life: a person’s heartbeat.
If you’ve ever had a doctor attach a pulse oximeter to the tip of your finger, then you’ve already experienced a technique known as photoplethysmography where subtle color shifts in your skin as blood is pumped through in waves allows your pulse to be measured. It’s the same technique that the Apple Watch and wearable fitness tracking devices use to measure your heartbeat during exercise, but it’s not just limited to your fingertips and wrists.
Though not apparent to the naked eye, the color of your face exhibits the same phenomenon, subtly shifting in color as your heart endlessly pumps blood through the arteries and veins under your skin, and even a basic webcam can be used to spot the effect and even measure your pulse. The technique has allowed for the development of contactless monitors for infants, simply requiring a non-obtrusive camera to be pointed at them while they sleep, but now is being leveraged to root out fake news.
Researchers from Binghamton University in Binghamton, New York, worked with Intel to develop a tool called FakeCatcher, and their findings were recently published in a paper titled, “FakeCatcher: Detection of Synthetic Portrait Videos using Biological Signals.” Deepfakes are typically created by matching individual frames of a video to a library of headshots, often times containing thousands of images of a particular person, and then subtly adjusting and tweaking the face being swapped in to match the existing one perfectly. Unbeknownst to the naked eye, those images still contain the telltale biological signs of the person having a pulse, but the machine learning tools used to create deepfakes don’t take into account that when the final video is played back, the moving face should still exhibit a measurable pulse. The random way in which a deepfake video is created results in an unstable pulse measurement when photoplethysmography detection techniques are applied to it, making them easier to spot.
From their testing, the researchers found that FakeCatcher was not only able to spot deepfake videos more than 90 percent of the time, but with the same amount of accuracy, it was also able to determine which of four different deepfake tools—Face2Face, NeuralTex, DeepFakes, or FaceSwap—was used to create the deceptive video. Of course, now that the research and the existence of the FakeCatcher tool has been revealed, it will give those developing the deepfake creation tools the opportunity to improve their own software and to ensure that as a deepfake videos are being created, those subtle shifts in skin color are included to fool photoplethysmography tools as well. But this is good while it lasts.
Microsoft has bagged exclusive rights to use OpenAI’s GPT-3 technology, allowing the Windows giant to embed the powerful text-generating machine-learning model into its own products.
“Today, I’m very excited to announce that Microsoft is teaming up with OpenAI to exclusively license GPT-3, allowing us to leverage its technical innovations to develop and deliver advanced AI solutions for our customers, as well as create new solutions that harness the amazing power of advanced natural language generation,” Microsoft CTO Kevin Scott said on Tuesday.
Right now, GPT-3 is only available to a few teams hand picked by OpenAI. The general-purpose text-in-text-out tool is accessible via an Azure-hosted API, and is being used by, for instance, Reddit to develop automated content moderation algorithms, and by academics investigating how the language model could be used to spread spam and misinformation at a scale so large it would be difficult to filter out.
GPT-3 won’t be available on Google Cloud, Amazon Web Services etc
Microsoft has been cosying up to OpenAI for a while; it last year pledged to invest $1bn in the San Francisco-based startup. As part of that deal, OpenAI got access to Microsoft’s cloud empire to run its experiments, and Microsoft was named its “preferred partner” for commercial products. Due to the exclusive license now brokered, GPT-3 won’t be available on rival cloud services, such as Google Cloud and Amazon Web Services.
[…]
GPT-3 is a massive model containing 175 billion parameters, and was trained on all manner of text scraped from the internet. It’s able to perform all sorts of tasks, including answering questions, translating languages, writing prose, performing simple arithmetic, and even attempting code generation. Although impressive, it remains to be seen if it can be utilized in products for the masses rather than being an object of curiosity.
The European Laboratory for Learning and Intelligent Systems (ELLIS) is officially launching its 30 ELLIS research units on Tuesday, September 15. Since the first 17 units were announced in December 2019, the ELLIS initiative has gained significant momentum, adding another 13 units at top research institutions across Europe. To highlight this rapid progress toward securing the future of European AI research, each unit will be presenting its research focus. While an in-person launch was initially planned in spring at the Royal Society in London, the event was postponed as a result of the global COVID-19 pandemic and will now take place online. The event will be will be open to the general public via livestreaming. A detailed agenda and the YouTube link will be posted shortly.
A detailed agenda and the YouTube link can be found here.
TikTok Wednesday revealed some of the elusive workings of the prized algorithm that keeps hundreds of millions of users worldwide hooked on the viral video app.
[…]
TikTok’s algorithm uses machine learning to determine what content a user is most likely to engage with and serve them more of it, by finding videos that are similar or that are liked by people with similar user preferences.
When users open TikTok for the first time, they are shown 8 popular videos featuring different trends, music, and topics. After that, the algorithm will continue to serve the user new iterations of 8 videos based on which videos the user engages with and what the user does.
The algorithm identifies similar videos to those that have engaged a user based on video information, which could include details like captions, hashtags or sounds. Recommendations also take into account user device and account settings, which include data like language preference, country setting, and device type.
Once TikTok collects enough data about the user, the app is able to map a user’s preferences in relation to similar users and group them into “clusters.” Simultaneously, it also groups videos into “clusters” based on similar themes, like “basketball” or “bunnies.”
Using machine learning, the algorithm serves videos to users based on their proximity to other clusters of users and content that they like.
TikTok’s logic aims to avoid redundancies that could bore the user, like seeing multiple videos with the same music or from the same creator.
Yes, but: TikTok concedes that its ability to nail users’ preferences so effectively means that its algorithm can produce “filter bubbles,” reinforcing users’ existing preferences rather than showing them more varied content, widening their horizons, or offering them opposing viewpoints.
The company says that it’s studying filter bubbles, including how long they last and how a user encounters them, to get better at breaking them when necessary.
Since filter bubbles can reinforce conspiracy theories, hoaxes and other misinformation, TikTok’s product and policy teams study which accounts and video information — themes, hashtags, captions, and so on — might be linked to misinformation.
Videos or creators linked to misinformation are sent to the company’s global content reviewers so they can be managed before they are distributed to users on the main feed, which is called the “For You” page.
The briefing also featured updates about TikTok’s data, privacy and security practices.
The company says it tries to triage and prevent incidents on its platform before they happen by working to detect patterns of problems before they spread.
TikTok’s chief security officer, Roland Cloutier, said it plans to hire more than 100 data, security and privacy experts by year’s end in the U.S.
He also said that the company will be building a monitoring, response and investigative response center in Washington D.C. to actively detect and respond to critical incidents in real time.
The big picture: Beckerman says that TikTok’s transparency efforts are meant to position the company as a leader in Silicon Valley.
“We want to take a leadership position and show more about how the app works,” he said. “For us, we’re new, and we want to do this because we don’t have anything to hide. The more we’re talking to and meeting with lawmakers, the more comfortable they are with the product. That’s the way it should be.”
Simmons, who is a history professor herself. Then, Lazare clarified that he’d received his grade less than a second after submitting his answers. A teacher couldn’t have read his response in that time, Simmons knew — her son was being graded by an algorithm.
Simmons watched Lazare complete more assignments. She looked at the correct answers, which Edgenuity revealed at the end. She surmised that Edgenuity’s AI was scanning for specific keywords that it expected to see in students’ answers. And she decided to game it.
[…]
Now, for every short-answer question, Lazare writes two long sentences followed by a disjointed list of keywords — anything that seems relevant to the question. “The questions are things like… ‘What was the advantage of Constantinople’s location for the power of the Byzantine empire,’” Simmons says. “So you go through, okay, what are the possible keywords that are associated with this? Wealth, caravan, ship, India, China, Middle East, he just threw all of those words in.”
“I wanted to game it because I felt like it was an easy way to get a good grade,” Lazare told The Verge. He usually digs the keywords out of the article or video the question is based on.
Apparently, that “word salad” is enough to get a perfect grade on any short-answer question in an Edgenuity test.
Edgenuity didn’t respond to repeated requests for comment, but the company’s online help center suggests this may be by design. According to the website, answers to certain questions receive 0% if they include no keywords, and 100% if they include at least one. Other questions earn a certain percentage based on the number of keywords included.
[…]
One student, who told me he wouldn’t have passed his Algebra 2 class without the exploit, said he’s been able to find lists of the exact keywords or sample answers that his short-answer questions are looking for — he says you can find them online “nine times out of ten.” Rather than listing out the terms he finds, though, he tried to work three into each of his answers. (“Any good cheater doesn’t aim for a perfect score,” he explained.)
The U.S. Department of Defense (DoD) has invested in the development of technologies that allow the human brain to communicate directly with machines, including the development of implantable neural interfaces able to transfer data between the human brain and the digital world. This technology, known as brain-computer interface (BCI), may eventually be used to monitor a soldier’s cognitive workload, control a drone swarm, or link with a prosthetic, among other examples. Further technological advances could support human-machine decisionmaking, human-to-human communication, system control, performance enhancement and monitoring, and training. However, numerous policy, safety, legal, and ethical issues should be evaluated before the technology is widely deployed. With this report, the authors developed a methodology for studying potential applications for emerging technology. This included developing a national security game to explore the use of BCI in combat scenarios; convening experts in military operations, human performance, and neurology to explore how the technology might affect military tactics, which aspects may be most beneficial, and which aspects might present risks; and offering recommendations to policymakers. The research assessed current and potential BCI applications for the military to ensure that the technology responds to actual needs, practical realities, and legal and ethical considerations.
Visa Inc. said Wednesday it has developed a more advanced artificial intelligence system that can approve or decline credit and debit transactions on behalf of banks whose own networks are down.
The decision to approve or deny a transaction typically is made by the bank. But bank networks can crash because of natural disasters, buggy software or other reasons. Visa said its backup system will be available to banks who sign up for the service starting in October.
The technology is “an incredible first step in helping us reduce the impact of an outage,” said Rajat Taneja, president of technology for Visa. The financial services company is the largest U.S. card network, as measured both by the number of cards in circulation and by transactions.
The new service reflects the growing use of AI in banking. Banks are expected to spend $7.1 billion on AI in 2020, growing to $14.5 billion by 2024, on initiatives such as fraud analysis and investigation, according to market research firm International Data Corp.
The service, Smarter Stand-In Processing, uses a branch of AI called deep learning
[…]
Smarter STIP kicks in automatically if Visa’s network detects that the bank’s network is offline or unavailable.
The older version of STIP uses a rules-based machine learning model as the backup method to manage transactions for banks in the event of a network disruption. In this approach, Visa’s product team and the financial institution define the rules for the model to be able to determine whether a particular transaction should be approved.
“Although it was customized for different users, it was still not very precise,” said Carolina Barcenas, senior vice president and head of Visa Research.
Technologists don’t define rules for the Smarter STIP AI model. The new deep-learning model is more advanced because it is trained to sift through billions of data points of cardholder activity to define correlations on its own.
[…]
In tests, the deep-learning AI model was 95% accurate in mimicking the bank’s decision on whether to approve or decline a transaction, she said. The technology more than doubled the accuracy of the old method, according to the company. The two versions will continue to exist but the more advanced version will be available as a premium service for clients.
AI’s growing catalog of applications and methods has the potential to profoundly affect public policy by generating instances where regulations are not adequate to confront the issues faced by society, also known as regulatory gaps.
The objective of this dissertation is to improve our understanding of how AI influences U.S. public policy. It systematically explores, for the first time, the role of AI in the generation of regulatory gaps. Specifically, it addresses two research questions:
What U.S. regulatory gaps exist due to AI methods and applications?
When looking across all of the gaps identified in the first research question, what trends and insights emerge that can help stakeholders plan for the future?
These questions are answered through a systematic review of four academic databases of literature in the hard and social sciences. Its implementation was guided by a protocol that initially identified 5,240 candidate articles. A screening process reduced this sample to 241 articles (published between 1976 and February of 2018) relevant to answering the research questions.
This dissertation contributes to the literature by adapting the work of Bennett-Moses and Calo to effectively characterize regulatory gaps caused by AI in the U.S. In addition, it finds that most gaps: do not require new regulation or the creation of governance frameworks for their resolution, are found at the federal and state levels of government, and AI applications are recognized more often than methods as their cause.
The minute details of rogue drone’s movements in the air may unwittingly reveal the drone pilot’s location—possibly enabling authorities to bring the drone down before, say, it has the opportunity to disrupt air traffic or cause an accident. And it’s possible without requiring expensive arrays of radio triangulation and signal-location antennas.
So says a team of Israeli researchers who have trained an AI drone-tracking algorithm to reveal the drone operator’s whereabouts, with a better than 80 per cent accuracy level. They are now investigating whether the algorithm can also uncover the pilot’s level of expertise and even possibly their identity.
[…]
Depending on the specific terrain at any given airport, a pilot operating a drone near a camouflaging patch of forest, for instance, might have an unobstructed view of the runway. But that location might also be a long distance away, possibly making the operator more prone to errors in precise tracking of the drone. Whereas a pilot operating nearer to the runway may not make those same tracking errors but may also have to contend with big blind spots because of their proximity to, say, a parking garage or control tower.
And in every case, he said, simple geometry could begin to reveal important clues about a pilot’s location, too. When a drone is far enough away, motion along a pilot’s line of sight can be harder for the pilot to detect than motion perpendicular to their line of sight. This also could become a significant factor in an AI algorithm working to discover pilot location from a particular drone flight pattern.
The sum total of these various terrain-specific and terrain-agnostic effects, then, could be a giant finger pointing to the operator. This AI application would also be unaffected by any relay towers or other signal spoofing mechanisms the pilot may have put in place.
Weiss said his group tested their drone tracking algorithm using Microsoft Research’s open source drone and autonomous vehicle simulator AirSim. The group presented their work-in-progress at the Fourth International Symposium on Cyber Security, Cryptology and Machine Learning at Ben-Gurion University earlier this month.
Their paper boasts a 73 per cent accuracy rate in discovering drone pilots’ locations. Weiss said that in the few weeks since publishing that result, they’ve now improved the accuracy rate to 83 per cent.
Now that the researchers have proved the algorithm’s concept, Weiss said, they’re hoping next to test it in real-world airport settings. “I’ve already been approached by people who have the flight permissions,” he said. “I am a university professor. I’m not a trained pilot. Now people that do have the facility to fly drones [can] run this physical experiment.”
Space seems empty and therefore the perfect environment for radio communications. Don’t let that fool you: There’s still plenty that can disrupt radio communications. Earth’s fluctuating ionosphere can impair a link between a satellite and a ground station. The materials of the antenna can be distorted as it heats and cools. And the near-vacuum of space is filled with low-level ambient radio emanations, known as cosmic noise, which come from distant quasars, the sun, and the center of our Milky Way galaxy. This noise also includes the cosmic microwave background radiation, a ghost of the big bang. Although faint, these cosmic sources can overwhelm a wireless signal over interplanetary distances.
Depending on a spacecraft’s mission, or even the particular phase of the mission, different link qualities may be desirable, such as maximizing data throughput, minimizing power usage, or ensuring that certain critical data gets through. To maintain connectivity, the communications system constantly needs to tailor its operations to the surrounding environment.
Imagine a group of astronauts on Mars. To connect to a ground station on Earth, they’ll rely on a relay satellite orbiting Mars. As the space environment changes and the planets move relative to one another, the radio settings on the ground station, the satellite orbiting Mars, and the Martian lander will need continual adjustments. The astronauts could wait 8 to 40 minutes—the duration of a round trip—for instructions from mission control on how to adjust the settings. A better alternative is to have the radios use neural networks to adjust their settings in real time. Neural networks maintain and optimize a radio’s ability to keep in contact, even under extreme conditions such as Martian orbit. Rather than waiting for a human on Earth to tell the radio how to adapt its systems—during which the commands may have already become outdated—a radio with a neural network can do it on the fly.
Such a device is called a cognitive radio. Its neural network autonomously senses the changes in its environment, adjusts its settings accordingly—and then, most important of all, learns from the experience. That means a cognitive radio can try out new configurations in new situations, which makes it more robust in unknown environments than a traditional radio would be. Cognitive radios are thus ideal for space communications, especially far beyond Earth orbit, where the environments are relatively unknown, human intervention is impossible, and maintaining connectivity is vital.
Worcester Polytechnic Institute and Penn State University, in cooperation with NASA, recently tested the first cognitive radios designed to operate in space and keep missions in contact with Earth. In our tests, even the most basic cognitive radios maintained a clear signal between the International Space Station (ISS) and the ground. We believe that with further research, more advanced, more capable cognitive radios can play an integral part in successful deep-space missions in the future, where there will be no margin for error.
Future crews to the moon and Mars will have more than enough to do collecting field samples, performing scientific experiments, conducting land surveys, and keeping their equipment in working order. Cognitive radios will free those crews from the onus of maintaining the communications link. Even more important is that cognitive radios will help ensure that an unexpected occurrence in deep space doesn’t sever the link, cutting the crew’s last tether to Earth, millions of kilometers away.
Cognitive radio as an idea was first proposed by Joseph Mitola III at the KTH Royal Institute of Technology, in Stockholm, in 1998. Since then, many cognitive radio projects have been undertaken, but most were limited in scope or tested just a part of a system. The most robust cognitive radios tested to date have been built by the U.S. Department of Defense.
When designing a traditional wireless communications system, engineers generally use mathematical models to represent the radio and the environment in which it will operate. The models try to describe how signals might reflect off buildings or propagate in humid air. But not even the best models can capture the complexity of a real environment.
A cognitive radio—and the neural network that makes it work—learns from the environment itself, rather than from a mathematical model. A neural network takes in data about the environment, such as what signal modulations are working best or what frequencies are propagating farthest, and processes that data to determine what the radio’s settings should be for an optimal link. The key feature of a neural network is that it can, over time, optimize the relationships between the inputs and the result. This process is known as training.
Researchers at the University of Chicago’s Sand Lab have developed a technique for tweaking photos of people so that they sabotage facial-recognition systems.
The project, named Fawkes in reference to the mask in the V for Vendetta graphic novel and film depicting 16th century failed assassin Guy Fawkes, is described in a paper scheduled for presentation in August at the USENIX Security Symposium 2020.
Fawkes consists of software that runs an algorithm designed to “cloak” photos so they mistrain facial recognition systems, rendering them ineffective at identifying the depicted person. These “cloaks,” which AI researchers refer to as perturbations, are claimed to be robust enough to survive subsequent blurring and image compression.
The paper [PDF], titled, “Fawkes: Protecting Privacy against Unauthorized Deep Learning Models,” is co-authored by Shawn Shan, Emily Wenger, Jiayun Zhang, Huiying Li, Haitao Zheng, and Ben Zhao, all with the University of Chicago.
“Our distortion or ‘cloaking’ algorithm takes the user’s photos and computes minimal perturbations that shift them significantly in the feature space of a facial recognition model (using real or synthetic images of a third party as a landmark),” the researchers explain in their paper. “Any facial recognition model trained using these images of the user learns an altered set of ‘features’ of what makes them look like them.”
Two examples from the paper showing how different levels of perturbation applied to original photos can derail a facial-recognition system so that future matches are unlikely or impossible … Click to enlarge. Credit: Shan et al.
The boffins claim their pixel scrambling scheme provides greater than 95 per cent protection, regardless of whether facial recognition systems get trained via transfer learning or from scratch. They also say it provides about 80 per cent protection when clean, “uncloaked” images leak and get added to the training mix alongside altered snapshots.
They claim 100 per cent success at avoiding facial recognition matches using Microsoft’s Azure Face API, Amazon Rekognition, and Face++. Their tests involve cloaking a set of face photos and providing them as training data, then running uncloaked test images of the same person against the mistrained model.
Fawkes differs from adversarial image attacks in that it tries to poison the AI model itself, so it can’t match people or their images to their cloaked depictions. Adversarial image attacks try to confuse a properly trained model with specific visual patterns.
The researchers have posted their Python code on GitHub, with instructions for users of Linux, macOS, and Windows. Interested individuals may wish to try cloaking publicly posted pictures of themselves so that if the snaps get scraped and used to train to a facial recognition system – as Clearview AI is said to have done – the pictures won’t be useful for identifying the people they depict.
Fawkes is similar in some respects to the recent Camera Adversaria project by Kieran Browne, Ben Swift, and Terhi Nurmikko-Fuller at Australian National University in Canberra.
Camera Adversia adds a pattern known as Perlin Noise to images that disrupts the ability of deep learning systems to classify images. Available as an Android app, a user could take a picture of, say, a pipe and it would not be a pipe to the classifier.
The researchers behind Fawkes say they’re working on macOS and Windows tools that make their system easier to use.
Today, UNESCO is launching a global online consultation on the ethics of artificial intelligence, to give everyone around the world the opportunity to participate in the work of its international group of experts on AI. This group has been charged with producing the first draft of a Recommendation on the Ethics of AI, to be submitted to UNESCO Member States for adoption in November 2021. If adopted, it will be the first global normative instrument to address the developments and applications of AI.
“It is crucial that as many people as possible take part in this consultation, so that voices from around the world can be heard during the drafting process for the first global normative instrument on the ethics of AI”, says Audrey Azoulay, Director-General of UNESCO.
Twenty-four renowned specialists with multidisciplinary expertise on the ethics of artificial intelligence have been tasked with producing a draft UNESCO Recommendation that takes into account the wide-ranging impacts of AI, including on the environment and the needs of the global south.
With this consultation, UNESCO is inviting civil society organizations, decision-makers, the general public, intergovernmental and non-governmental organizations, media representatives, the private sector, the scientific community and all other interested stakeholders to comment on the draft text before 31 July 2020.
UNESCO is convinced that that there is an urgent need for a global instrument on the ethics of AI to ensure that ethical, social and political issues can be adequately addressed both in times of peace and in extraordinary situations like the current global health crisis.
The UNESCO Recommendation is expected to define shared values and principles, and identify concrete policy measures on the ethics of AI. Its role will be to help Member States ensure that they uphold the fundamental rights of the UN Charter and of the Universal Declaration of Human Rights and that research, design, development, and deployment of AI systems take into account the well-being of humanity, the environment and sustainable development.
The final draft text will be presented for adoption by Member States during the 41st session of UNESCO’s General Conference in November 2021.
Drone swarms frequently fly outside for a reason: it’s difficult for the robotic fliers to navigate in tight spaces without hitting each other. Caltech researchers may have a way for those drones to fly indoors, however. They’ve developed a machine learning algorithm, Global-to-Local Safe Autonomy Synthesis (GLAS), that lets swarms navigate crowded, unmapped environments. The system works by giving each drone a degree of independence that lets it adapt to a changing environment.
Instead of relying on existing maps or the routes of every other drone in the swarm, GLAS has each machine learning how to navigate a given space on its own even as it coordinates with others. This decentralized model both helps the drones improvise and makes scaling the swarm easier, as the computing is spread across many robots.
An additional tracking controller, Neural-Swarm, helps the drones compensate for aerodynamic interactions, such as the downwash from a robot flying overhead. It’s already more reliable than a “commercial” controller that doesn’t account for aerodynamics, with far smaller tracking errors.
This could be useful for drone light shows, of course, but it could also help with more vital operations. Search and rescue drones could safely comb areas in packs, while self-driving cars could keep traffic jams and collisions to a minimum. It may take a while before there are implementations outside of the lab, but don’t be surprised if flocks of drones become relatively commonplace.
Following Canada’s lead earlier this week, privacy watchdogs in Britain and Australia today launched a joint investigation into how Clearview AI harvests and uses billions of images it scraped from the internet to train its facial-recognition algorithms.
The startup boasted it had collected a database packed with more than three billion photos downloaded from people’s public social media pages. That data helped train its facial-recognition software, which was then sold to law enforcement as a tool to identify potential suspects.
Cops can feed a snapshot of someone taken from, say, CCTV footage into Clearview’s software, which then attempts to identify the person by matching it up with images in its database. If there’s a positive match, the software links to that person’s relevant profiles on social media that may reveal personal details such as their name or where they live. It’s a way to translate previously unseen photos of someone’s face into an online handle so that person can be tracked down.
Now, the UK’s Information Commissioner (ICO) and the Office of the Australian Information Commissioner (OAIC) are collaborating to examine the New York-based upstart’s practices. The investigation will focus “on the company’s use of ‘scraped’ data and biometrics of individuals,” the ICO said in a statement.
“The investigation highlights the importance of enforcement cooperation in protecting the personal information of Australian and UK citizens in a globalised data environment,” it added. “No further comment will be made while the investigation is ongoing.”
Cops in Detroit have admitted using facial-recognition technology that fails to accurately identify potential suspects a whopping 96 per cent of the time.
The revelation was made by the American police force’s chief James Craig during a public hearing, this week. Craig was grilled over the wrongful arrest of Robert Williams, who was mistaken as a shoplifter by facial-recognition software used by officers.
“If we would use the software only [to identify subjects], we would not solve the case 95-97 per cent of the time,” Craig said, Vice first reported. “That’s if we relied totally on the software, which would be against our current policy … If we were just to use the technology by itself, to identify someone, I would say 96 per cent of the time it would misidentify.”
The software was developed by DataWorks Plus, a biometric technology biz based in South Carolina. Multiple studies have demonstrated facial-recognition algorithms often struggle with identifying women and people with darker skin compared to Caucasian men.
Researchers from the University of Warwick, Imperial College London, EPFL (Lausanne) and Sciteb Ltd have found a mathematical means of helping regulators and business manage and police Artificial Intelligence systems’ biases towards making unethical, and potentially very costly and damaging commercial choices—an ethical eye on AI.
Artificial intelligence (AI) is increasingly deployed in commercial situations. Consider for example using AI to set prices of insurance products to be sold to a particular customer. There are legitimate reasons for setting different prices for different people, but it may also be profitable to ‘game’ their psychology or willingness to shop around.
The AI has a vast number of potential strategies to choose from, but some are unethical and will incur not just moral cost but a significant potential economic penalty as stakeholders will apply some penalty if they find that such a strategy has been used—regulators may levy significant fines of billions of Dollars, Pounds or Euros and customers may boycott you—or both.
So in an environment in which decisions are increasingly made without human intervention, there is therefore a very strong incentive to know under what circumstances AI systems might adopt an unethical strategy and reduce that risk or eliminate entirely if possible.
Mathematicians and statisticians from University of Warwick, Imperial, EPFL and Sciteb Ltd have come together to help business and regulators creating a new “Unethical Optimization Principle” and provide a simple formula to estimate its impact. They have laid out the full details in a paper bearing the name “An unethical optimization principle”, published in Royal Society Open Science on Wednesday 1st July 2020.
The four authors of the paper are Nicholas Beale of Sciteb Ltd; Heather Battey of the Department of Mathematics, Imperial College London; Anthony C. Davison of the Institute of Mathematics, Ecole Polytechnique Fédérale de Lausanne; and Professor Robert MacKay of the Mathematics Institute of the University of Warwick.
Professor Robert MacKay of the Mathematics Institute of the University of Warwick said:
“Our suggested ‘Unethical Optimization Principle’ can be used to help regulators, compliance staff and others to find problematic strategies that might be hidden in a large strategy space. Optimisation can be expected to choose disproportionately many unethical strategies, inspection of which should show where problems are likely to arise and thus suggest how the AI search algorithm should be modified to avoid them in future.
“The Principle also suggests that it may be necessary to re-think the way AI operates in very large strategy spaces, so that unethical outcomes are explicitly rejected in the optimization/learning process.”
the Monarch of Meat announced a campaign that takes advantage of some sloppy sign recognition in the Tesla Autopilot’s Traffic Light and Stop Sign control, specifically in instances where the Tesla confuses a Burger King sign for a stop sign (maybe a “traffic control” sign?) and proceeds to stop the car, leaving the occupants of the car in a great position to consume some Whoppers.
The confusion was first noted by a Tesla Model 3 owner who has confusingly sawed the top off his steering wheel, for some reason, and uploaded a video of the car confusing the Burger King sign for a stop sign.
Burger King’s crack marketing team managed to arrange to use the video in this ad, and built a short promotion around it:
Did you see what I was talking about with that steering wheel? I guess the owner just thought it looked Batmobile-cool, or something? It’s also worth noting that is seems that the car’s map display has been modified, likely to remove any Tesla branding and obscure the actual location:
The promotion, which Burger King is using the #autopilotwhopper hashtag to promote, was only good for June 23rd, when they’d give you a free Whopper if you met the following conditions:
To qualify for the Promotion, guest must share a picture or video on Twitter, Facebook or Twitter with guest’s smart car outside a BK restaurant using #autopilotwhopper and #freewhopper.
Guests who complete step #3 will receive a direct message, within 24 hours of posting the picture/video, with a unique code for a Free Whopper sandwich (“Coupon”). Limit one Coupon per account.
It seems Burger King is using the phrase “smart car” to refer to any car that has some sort of Level 2 semi-autonomous driver’s assistance system that can identify signs, but the use of the “autopilot” in the hashtag and the original video make it clear that Teslas are the targeted cars here.
Sponge Examples: Energy-Latency Attacks on Neural Networks shows how to find adversarial examples that cause a DNN to burn more energy, take more time, or both. They affect a wide range of DNN applications, from image recognition to natural language processing (NLP). Adversaries might use these examples for all sorts of mischief – from draining mobile phone batteries, though degrading the machine-vision systems on which self-driving cars rely, to jamming cognitive radar.
So far, our most spectacular results are against NLP systems. By feeding them confusing inputs we can slow them down over 100 times. There are already examples in the real world where people pause or stumble when asked hard questions but we now have a dependable method for generating such examples automatically and at scale. We can also neutralize the performance improvements of accelerators for computer vision tasks, and make them operate on their worst case performance.
One implication is that engineers designing real-time systems that use machine learning will have to pay more attention to worst-case behaviour; another is that when custom chips used to accelerate neural network computations use optimisations that increase the gap between worst-case and average-case outcomes, you’d better pay even more attention.
We’ve trained a large-scale unsupervised language model which generates coherent paragraphs of text, achieves state-of-the-art performance on many language modeling benchmarks, and performs rudimentary reading comprehension, machine translation, question answering, and summarization—all without task-specific training.
Our model, called GPT-2 (a successor to GPT), was trained simply to predict the next word in 40GB of Internet text. Due to our concerns about malicious applications of the technology, we are not releasing the trained model. As an experiment in responsible disclosure, we are instead releasing a much smaller model for researchers to experiment with, as well as a technical paper.
[…]
GPT-2 displays a broad set of capabilities, including the ability to generate conditional synthetic text samples of unprecedented quality, where we prime the model with an input and have it generate a lengthy continuation. In addition, GPT-2 outperforms other language models trained on specific domains (like Wikipedia, news, or books) without needing to use these domain-specific training datasets. On language tasks like question answering, reading comprehension, summarization, and translation, GPT-2 begins to learn these tasks from the raw text, using no task-specific training data. While scores on these downstream tasks are far from state-of-the-art, they suggest that the tasks can benefit from unsupervised techniques, given sufficient (unlabeled) data and compute.
Samples
GPT-2 generates synthetic text samples in response to the model being primed with an arbitrary input. The model is chameleon-like—it adapts to the style and content of the conditioning text. This allows the user to generate realistic and coherent continuations about a topic of their choosing, as seen by the following select samples
A new digital tool built to depixelize photos sounds scary and bad. Another way to remove privacy from the world. But this tool is also being used for a sillier and not terrible purpose: Depixelizng old game characters. The results are…nevermind, this is also a terrible use of this tool.
“Face Depixelizer” is a tool Created by Alex Damian, Sachit Menon, and Denis Malimonov. It does exactly what you expect with a name like that. Users can upload a pixelated photo of a face and the tool spits out what that person might look like based on algorithms and all that stuff. In the wrong hands, this type of tech can be used to do some bad shit and will make it harder to hide in this world from police and other powerful and dangerous groups.
But it can also be used to create monsters out of old game characters. Look what this thing did to Mario, for example.
These might be strange or even a bit monstrous, but things start getting much worse when you feed the tool images that don’t look like people at all. For example, this is what someone got after uploading an image of a Cacodemon from Doom.
Machine learning models built for doing business prior to the COVID-19 pandemic will no longer be valid as economies emerge from lockdowns, presenting companies with new challenges in machine learning and enterprise data management, according to Gartner.
The research group has reported that “the extreme disruption in the aftermath of COVID-19… has invalidated many models that are based on historical data.”
Organisations commonly using machine learning for product recommendation engines or next-best-offer, for example, will have to rethink their approach. They need to broaden their machine learning techniques as there is not enough post-COVID-19 data to retrain supervised machine learning models.
Advanced modelling techniques can help
In any case the ‘new normal’ is still emerging, making the validity of prediction models a challenge, said Rita Sallam, distinguished research vice president at Gartner.
“It’s a lot harder to just say those models based on typical data that happened prior to the COVID-19 outbreak, or even data that happened during the pandemic, will be valid. Essentially what we’re seeing is [a] complete shift in many ways in customer expectations, in their buying patterns. Old processing, products, customer needs and wants, and even business models are being replaced. Organisations have to replace them at a pace that is just unprecedented,” she said.
a neural network can be trained to identify photos of dogs by sifting through a large number of photos, making a guess about whether the photo is of a dog, seeing how far off it is and then adjusting its weights and biases until they are closer to reality.
The drawback to this neural network training is something called “chaos blindness”—an inability to predict or respond to chaos in a system. Conventional AI is chaos blind. But researchers from NC State’s Nonlinear Artificial Intelligence Laboratory (NAIL) have found that incorporating a Hamiltonian function into neural networks better enables them to “see” chaos within a system and adapt accordingly.
Simply put, the Hamiltonian embodies the complete information about a dynamic physical system—the total amount of all the energies present, kinetic and potential. Picture a swinging pendulum, moving back and forth in space over time. Now look at a snapshot of that pendulum. The snapshot cannot tell you where that pendulum is in its arc or where it is going next. Conventional neural networks operate from a snapshot of the pendulum. Neural networks familiar with the Hamiltonian flow understand the entirety of the pendulum’s movement—where it is, where it will or could be, and the energies involved in its movement.
In a proof-of-concept project, the NAIL team incorporated Hamiltonian structure into neural networks, then applied them to a known model of stellar and molecular dynamics called the Hénon-Heiles model. The Hamiltonian neural network accurately predicted the dynamics of the system, even as it moved between order and chaos.
“The Hamiltonian is really the ‘special sauce’ that gives neural networks the ability to learn order and chaos,” says John Lindner, visiting researcher at NAIL, professor of physics at The College of Wooster and corresponding author of a paper describing the work. “With the Hamiltonian, the neural network understands underlying dynamics in a way that a conventional network cannot. This is a first step toward physics-savvy neural networks that could help us solve hard problems.”
More information: Anshul Choudhary et al, Physics-enhanced neural networks learn order and chaos, Physical Review E (2020). DOI: 10.1103/PhysRevE.101.062207
