Secondo questo report citato da The Information.

In estrema sintesi dice che i dati su cui si basava l’affermazione erano inconsistenti ed insufficienti e che, se proprio, ci sarebbe una riduzione del 13% delle denuncie alle assicurazioni di danni per incidenti, ma…

had no statistically significant effect on other types of insurance claims, including property damage liability, bodily injury liability, claims under medical payment coverage, or personal injury protection claims

e che quindi, non si può affermare nulla con certezza.

Share now →

“l’hardware si rompe, il software nasce rotto” è una massima tirata fuori in una cena dal mio amico Mauro, quello che quando gli chiedi “quale è il tuo linguaggio di programmazione preferito ?” risponde “il saldatore”.

Zcash Bug Could Have Been Used To Create Infinite Tokens

la cosa è stata sistemata 8 mesi dopo che è stata scoperta.

non oso pensare cosa sarebbe successo se una simile notizia avesse riguadato un intermediario finanziario tradizionale.

l’idea che il software aperto sia ispezionabile e quindi sicuro, è fallace.

può essere _più_ sicuro, ma il software è insicuro. punto. anche se ci guardano molte persone competenti.

la sicurezza non esiste.

come dice sempre il mio amico Gigi (la gente che si occupa di security sa bene di chi parlo), la sicurezza è una emozione. sei sicuro quando ti senti sicuro. perchè i problemi possono sempre succedere e il rischio può essere mitigato ma non annullato.

per questo la sicurezza maggiore si ottiene con tecnologie, processi e persone (con valori).

sia per i momenti in cui le cose vanno bene che per quelli in cui le cose non vanno bene. shit happens. punto.

l’assenza di uno di questi fattori riduce il livello di sicurezza complessivo.

basta esserne consci, quando vi si rinuncia.

gli approcci fideistici non sono appropriati.

Share now →

con solo 2 mesi di preavviso.

pensa se lo facesse telecom…

sono sempre stato scettico su gFiber.

ho sempre pensato fosse piu’ che altro marketing regolamentare.

adesso penso che sia un segno di pressione sui ricavi pubblicitari.

Share now →

Dice un articolo appena pubblicato dalla University of California su Transport Policy:

Autonomous vehicles (AVs) have no need to park close to their destination, or even to park at all. Instead, AVs can seek out free on-street parking, return home, or cruise (circle around). Because cruising is less costly at lower speeds, a game theoretic framework shows that AVs also have the incentive to implicitly coordinate with each other in order to generate congestion. Using a traffic microsimulation model and data from downtown San Francisco, this paper suggests that AVs could more than double vehicle travel to, from and within dense, urban cores. New vehicle trips are generated by a 90% reduction in effective parking costs, while existing trips become longer because of driving to more distant parking spaces and cruising….

Conferma ciò che scrissi sei+ mesi fa:

Parcheggi ? dove andiamo noi non servono parcheggi!

…Piu’ la città è congestionata minore è la velocità commerciale, maggiore è il numero di ore che l’auto può guidare al costo. Se la velocità commerciale scendesse a 8mi/hr (nei giorni di traffico la velocità media è 9mi/hr), un’ora di parcheggio costa come la benzina per 37 ore di guida.

1:37 !

Potete immaginare lo scenario della città paralizzata, inondata di auto.

Se voi foste il sindaco, cosa fareste ?

Non potete aumentare il prezzo della benzina.

Non potete ridurre di oltre il 90% il costo dei parcheggi (privati).

Potreste fare un’ordinanza per vietare le auto dedicate e consentire solo auto condivise. Cosa che si potrebbe fare già adesso. Ma ci sarebbe una rivolta, difficilmente passerebbe.

Potreste pensare ad un congestion charge, ma questo impatta chi entra nella zona limitata, non chi ci gira all’interno.

Potreste vietare le auto senza passeggero a bordo. Come è adesso. Non ci sarebbero grandi impatti sulla viabilità ma ci sarebbe comunque un beneficio: Non dovresti prendere la patente (forse).

Share now →

In an early morning chat at the meeting of the HLEG-AI (High level expert group on AI of the European commission), some colleagues were reporting that their job was hindered by excessively strict interpretations of the GDPR by their organizations’ legal counsels.

Fact is that many uses of AI involve personal information and that legal counsels incentives are misaligned with respect of the research&development groups (and that is generally OK) but tends to lead them to be excessively prudent and, quite often, blocking. (and they usually have an almost-veto power).

Legal counsels would benefit from a (quasi) discharge of responsibility.

With the regulation before GDPR one could turn do the privacy regulator to request a prior checking, before starting data processing. They gave guidance by often helping the organization shaping processes and technical details.

Prior chekings no longer exist (replaced by an own impact assessment) and while the whole process is conceptually easier, it may effectively raise some barriers due to a (resonable) precaution by the organization legal counsels.

So, in order to ease a blocking friction in the development of AI systems in Europe,  perhaps we ought to think to some form of prior checking by/with privacy regulators.

Share now →

[at best]

Savant (Wikipiedia)

Share now →

a modest proposal in two (plus one) provisions:

1. limit the number of friends a non-paying user can have: let’s say 100. do you want more friends ? you have to pay something: paying not only introduces friction but implies verifiability of identity of influences in case of suspicion of a crime. multiple (quasi) identical posts by different accounts (e.g. bots) would be easily spotted.
2. limit the level of posts re-sharing. let’s say friends of friends. This would limit the reach of a non paying user to maximum 10.000 persons.
3. (eventually) introduce latency in the visibility of re-shared posts. Let’s say 8 hours. This would allow up to 16 hours to react to fake news posting (content moderation)

the above proposal would not negatively impact social network revenues (nor costs) and would not imply any editorial responsibility for the social network.

just came to my mind.

I’d like to read some comments!

Share now →

What’s the difference between a Robot vacuum cleaner and a traditional vacuum cleaner ?

When you operate a traditional vacuum cleaner in your house, you are the user.

When your Robot vacuum cleaner operates in your house, you are the beneficiary; you are no longer the “user” who “uses” (or operates) the device. You benefit from its activity.

It is no longer a product you use to clean your house; cleaning the house becomes a service you benefit from, provided by a “living product”.

You own the tool, but you are no longer its “user”. You are just the “beneficiary”.

Now think of self driving cars.

You will own the car, but you’re not going to be its “user” driving it, just the passenger, the beneficiary of the service.

We know that with traditional cars, persons who use the tool (car users, aka drivers) happen to use them poorly and cause accidents with casualties. There is a general consensus that, by avoiding having humans using the tool (driving), the number of casualties will dramatically decrease.

Self driving cars are based on statistical AI systems. We know by design that, although they have no defects, they are going to have accidents and eventually determine some casualties.

But those casualties will not be attributable to a poor usage of the tool, as there are no users involved.

If a “perfect” tool is being used by a human who makes a mistake, causing the service outcome to fail, there will be no liability for the manufacturer. For non-AI systems, product liability is associated to a malfunction of a device, when the user uses it correctly.

But, with AI systems, there are no users, just beneficiaries of a service.

We know that, in some occasions, the service provided by a perfect tool, by design, is going to fail (given the statistical nature of AI).

Civil liability can be easily covered by insurances.

But liability is not only civil but also criminal.

Based on existing legal frameworks in various states, in case of mens rea offenses, negligence based offenses, and strict liability offenses, criminal laws do not limit the liability of humans (CEOs, COOs, programmers, users, etc.) who may have been involved in a crime perpetrated by an AI System, given its known non deterministic behaviour.

When a casualty arises from an action of an AI system, many humans are involved, and the arising criminal liability could potentially deter the development of an otherwise benefical technology.

Consider for example a self driving car that reduces 95% of driving casualties; this should be considered as a big human success, but the remaining 5% of casualties would involve criminal responsibility for a number of humans related to the product.

It is a situation somehow similar to drug development where the overall effects of a drug are extremely beneficial to society although it is known beforehand that some adverse events might happen.

Persons involved in the drug development face no criminal responsibility if all prescribed procedures are followed in a correct manner, as monitored by appropriate regulatory bodies.

A similar approach to criminal liability could be developed for AI, in order to not hinder applications that can significantly benefit society although it is known that they might have unwanted consequence in a (comparatively) limited number of cases, lesser than the pre-existing situation.

This is the basis of the bill proposal I introduced when I was in the Italian parliament in the last legislature.

Share now →

the AI Now 2018 Report contends with this central problem and addresses the following key issues:

1. The growing accountability gap in AI, which favors those who create and deploy these technologies at the expense of those most affected
2. The use of AI to maximize and amplify surveillance, especially in conjunction with facial and affect recognition, increasing the potential for centralized control and oppression
3. Increasing government use of automated decision systems that directly impact individuals and communities without established accountability structures
4. Unregulated and unmonitored forms of AI experimentation on human populations
5. The limits of technological solutions to problems of fairness, bias, and discrimination

Within each topic, we identify emerging challenges and new research, and provide recommendations regarding AI development, deployment, and regulation. We offer practical pathways informed by research so that policymakers, the public, and technologists can better understand and mitigate risks.

RECOMMENDATIONS

1. Governments need to regulate AI by expanding the powers of sector-specific agencies to oversee, audit, and monitor these technologies by domain. The implementation of AI systems is expanding rapidly, without adequate governance, oversight, or accountability regimes. Domains like health, education, criminal justice, and welfare all have their own histories, regulatory frameworks, and hazards. However, a national AI safety body or general AI standards and certification model will struggle to meet the sectoral expertise requirements needed for nuanced regulation. We need a sector-specific approach that does not prioritize the technology, but focuses on its application within a given domain. Useful examples of sector-specific approaches include the United States Federal Aviation Administration and the National Highway Traffic Safety Administration.
2. Facial recognition and affect recognition need stringent regulation to protect the public interest. Such regulation should include national laws that require strong oversight, clear limitations, and public transparency. Communities should have the right to reject the application of these technologies in both public and private contexts. Mere public notice of their use is not sufficient, and there should be a high threshold for any consent, given the dangers of oppressive and continual mass surveillance. Affect recognition deserves particular attention. Affect recognition is a subclass of facial recognition that claims to detect things such as personality, inner feelings, mental health, and “worker engagement” based on images or video of faces. These claims are not backed by robust scientific evidence, and are being applied in unethical and irresponsible ways that often recall the pseudosciences of phrenology and physiognomy. Linking affect recognition to hiring, access to insurance, education, and policing creates deeply concerning risks, at both an individual and societal level.
3. The AI industry urgently needs new approaches to governance. As this report demonstrates, internal governance structures at most technology companies are failing to ensure accountability for AI systems. Government regulation is an important component, but leading companies in the AI industry also need internal accountability structures that go beyond ethics guidelines. This should include rank-and-file employee representation on the board of directors, external ethics advisory boards, and the implementation of independent monitoring and transparency efforts. Third party experts should be able to audit and publish about key systems, and companies need to ensure that their AI infrastructures can be understood from “nose to tail,” including their ultimate application and use.
4. AI companies should waive trade secrecy and other legal claims that stand in the way of accountability in the public sector. Vendors and developers who create AI and automated decision systems for use in government should agree to waive any trade secrecy or other legal claim that inhibits full auditing and understanding of their software. Corporate secrecy laws are a barrier to due process: they contribute to the “black box effect” rendering systems opaque and unaccountable, making it hard to assess bias, contest decisions, or remedy errors. Anyone procuring these technologies for use in the public sector should demand that vendors waive these claims before entering into any agreements.
5. Technology companies should provide protections for conscientious objectors, employee organizing, and ethical whistleblowers. Organizing and resistance by technology workers has emerged as a force for accountability and ethical decision making. Technology companies need to protect workers’ ability to organize, whistleblow, and make ethical choices about what projects they work on. This should include clear policies accommodating and protecting conscientious objectors, ensuring workers the right to know what they are working on, and the ability to abstain from such work without retaliation or retribution. Workers raising ethical concerns must also be protected, as should whistleblowing in the public interest.
6. Consumer protection agencies should apply “truth-in-advertising” laws to AI products and services. The hype around AI is only growing, leading to widening gaps between marketing promises and actual product performance. With these gaps come increasing risks to both individuals and commercial customers, often with grave consequences. Much like other products and services that have the potential to seriously impact or exploit populations, AI vendors should be held to high standards for what they can promise, especially when the scientific evidence to back these promises is inadequate and the longer-term consequences are unknown.
7. Technology companies must go beyond the “pipeline model” and commit to addressing the practices of exclusion and discrimination in their workplaces. Technology companies and the AI field as a whole have focused on the “pipeline model,” looking to train and hire more diverse employees. While this is important, it overlooks what happens once people are hired into workplaces that exclude, harass, or systemically undervalue people on the basis of gender, race, sexuality, or disability. Companies need to examine the deeper issues in their workplaces, and the relationship between exclusionary cultures and the products they build, which can produce tools that perpetuate bias and discrimination. This change in focus needs to be accompanied by practical action, including a commitment to end pay and opportunity inequity, along with transparency measures about hiring and retention.
8. Fairness, accountability, and transparency in AI require a detailed account of the “full stack supply chain.” For meaningful accountability, we need to better understand and track the component parts of an AI system and the full supply chain on which it relies: that means accounting for the origins and use of training data, test data, models, application program interfaces (APIs), and other infrastructural components over a product life cycle. We call this accounting for the “full stack supply chain” of AI systems, and it is a necessary condition for a more responsible form of auditing. The full stack supply chain also includes understanding the true environmental and labor costs of AI systems. This incorporates energy use, the use of labor in the developing world for content moderation and training data creation, and the reliance on clickworkers to develop and maintain AI systems.
9. More funding and support are needed for litigation, labor organizing, and community participation on AI accountability issues. The people most at risk of harm from AI systems are often those least able to contest the outcomes. We need increased support for robust mechanisms of legal redress and civic participation. This includes supporting public advocates who represent those cut off from social services due to algorithmic decision making, civil society organizations and labor organizers that support groups that are at risk of job loss and exploitation, and community-based infrastructures that enable public participation.
10. University AI programs should expand beyond computer science and engineering disciplines. AI began as an interdisciplinary field, but over the decades has narrowed to become a technical discipline. With the increasing application of AI systems to social domains, it needs to expand its disciplinary orientation. That means centering forms of expertise from the social and humanistic disciplines. AI efforts that genuinely wish to address social implications cannot stay solely within computer science and engineering departments, where faculty and students are not trained to research the social world. Expanding the disciplinary orientation of AI research will ensure deeper attention to social contexts, and more focus on potential hazards when these systems are applied to human populations.

Share now →

Beninteso. E’ notorio che sono un appassionato di tecnologia ed un innamorato del futuro.

Anche per questo mi disturba quando sento troppa enfasi, che poi inevitabilmente creerà disillusione in chi ci aveva creduto.

Come ad esempio il marketing hype del 5G che servirà a raccogliere meglio le immondizie, riempire le buche per strada e trattare più efficientemente le infezioni del tratto urinario… (la realtà aumentata -cosa conretissima- non deve essere troppo sexy, perchè se ne parla ben poco…)

Per non parlare di tutte le previsioni quasi miracolistiche di mirabolanti applicazioni della blockchain che risolveranno dalle crisi immobiliari alla distribuzione del cibo in africa.. o dell’intelligenza artificiale che risolverà i problemi dell’acne giovanile e che migliorerà le frenate delle biclette (tutti esempi reali)

Non credo che facciano bene all’industria.

Il machine learning e la crittografia (la blockchain è una prova vivente della possibilità di fare overlay network crittografici) sono famiglie di tecnologie assai importante in grado di cambiare molto il modo con cui facciamo molte cose, avendo profondi impatti sulla società, senza necessità di esagerare.

Quando si diceva che dopodomani avremmo avuto le città invase da auto che si guidano da sole, mi ero permesso di segnalare che nuove tecnologie creano nuovi attacchi e puntualmente qualcuno si è messo a studiare come attaccando dei pezzi di nsatro isolante sui cartelli degli stop, le auto non li riconoscevano più. Il numero e la varietà di attacchi possibili a computer di 2 tonnellate che girano in mezzo alla gente, è limitato solo dalla fantasia., per non parlare degli aspetti giuridici- penali, più che civili. (non che non si possa pensare a scenari limitati dove l’applicazione sia più semplice).

Adesso tocca leggere di droni fatti da una società di Google (pardon, di Alphabet) che portano pacchetti di 1,5Kg. e che il servizio è in fase di collaudo in Finlandia. E l’azienda chiede sul suo sito “per cosa lo useresti ?” suggerendo come opzioni farmaci, cibo e pannolini…

Una cosa del genere giusto in Finlandia o in Svizzera.. perchè (senza pensare a malfunzionamenti e danni causati e responsabilità, anche qui, civili e penali) se fatto nel 90% del resto mondo, già mi vedo chi, armato di fionda o flobert abbatte il drone per fregarsi il carico…

Potremmo non esagerare con la “narrazione” ?

Le cose concrete bastano e avanzano.

Share now →

Google incorporerà la divisione sanitaria della sua controllata DeepMind, cosa che è fonte di preoccupazione in quanto Google sarà in grado di accedere a dati sanitari personali e identificabili.

Google ha acquisito DeepMind, un’azienda di intelligenza artificiale con sede a Londra, nel 2014, per 500 milioni di dollari. DeepMind è meglio conosciuto per il suo algoritmo AlphaGo, che ha battuto il campione del mondo di gioco di strategia Go nel 2016, ma ha ampliato le sue capacità  in nuovi settori, compresa la sanità.

DeepMind punta a trasformare la sua app mobile Streams in un assistente AI per infermieri e medici, utilizzando i dati dei pazienti in tempo reale.

Viene utilizzato in diversi ospedali britannici.

E’ stato annunciato che adesso Google la incorporerà (fino ad oggi opera come azienda separata).

DeepMind aveva ripetutamente promesso che non avrebbe mai condiviso i dati con la sua società capogruppo Google. Sembra che ora venga meno a quell’impegno.

E’ già stato accertato che DeepMind ha violato le leggi europee e britanniche sulla protezione dei dati sulla gestione dei pazienti dell’NHS con l’applicazione Streams.

A luglio un comitato etico indipendente aveva stabilito che Deepmind avrebbe dovuto fare di più per rinforzare la propria indipendenza dalla società madre.

Adesso il garante della Privacy UK (ICO) sta osservando la questione. L’anno scorso aveva stabilito che l’NHS trust (che gestisce ospedali in UK) aveva violato la legge adottando Streams.

Da quanto leggo, sono francamente scandalizzato perchè risulta che Google forza la legge scientemente andando contro dichiarazioni precedenti.

La bottom line è che proprio non ci si può fidare di quello che dicono.

Sono contento, anche se costa fatica e conoscenze non alla portata della persona media,  di avere progressivamente abbandonato quasi totalmente Google (“quasi”, perchè ho ancora qualche interazione residua con docs e occasionale con play store su android).

Share now →

• Avere performance più che umane in un task non significa capire cosa si stia facendo.
  
• L’elefante nella stanza: inserendo l’immagine di un elefante in una immagine di una stanza, l’oggetto non viene riconosciuto e causa l’errato o mancato riconoscimento di altri oggetti.
• Audio adversarial examples: 100% di successi nell’attaccare un sistema di riconoscimento del parlato che parte da un brano audiom ne deriva uno simile al 99,9% ma genera un testo diverso che il ricercatore decide.
• Vulnerabilità alle contaminazioni delle facce nel riconoscimento di volti.
• Physical-World Attacks: 100% di errato riconoscimento di cartelli stradali in laboratorio e 85% da video di un veicolo in movimento, attaccando sui cartelli di adesivi bianchi e neri 
• Adversarial Examples for Evaluating Reading Comprehension Systems: Esempi avversi inseriti nei testi che fanno crollare l’accuratezza del riconoscimento dei contenuti al 7%
• Errati riconoscimenti di immagini: Applicando perturbazioni impercettibili alle immagini. Le immagini a sinistra sono riconosciute correttmente, inserendo le perturbazioni centrali, tutte le immagini a destra sono riconosciute come struzzi. 

In sintesi: tutti i sistemi funzionano benissimo, a meno che qualcuno non abbia forti incentivi a farli non funzionare, fregandoli…

Share now →