California's AI bill, Harris x AI safety, IPv6 "wormfood", Quantum Cryptography Standards, Meta Data Crawler
GenAI Safety & Security Newsletter (Aug 19 - Aug 25, 2024)
![[FREE e-book] GenAI safety and security](https://substackcdn.com/image/fetch/w_140,h_140,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8cbc4b00-c7d2-4b5d-8795-3d2715fd20c8_731x731.png)
Highlights:
SB1047/ California AI bill: is facing both support and opposition from tech giants and AI experts like OpenAI, Google, and Meta. However, Anthropic now believes the bill’s benefits likely outweigh the costs after amendments were made.
Harris AI safety: Experts believe a potential we could see more aggressive steps toward regulation, potentially building upon the Biden administration's existing AI initiatives and focus on diversity and inclusion within the technology sector.
Microsoft’s wormable IPv6 vulnerability (CVE-2024-38063), a 9.8/10 on the severity scale, is causing a stir.
Post Quantum Encryption Standards: NIST has finalized the first three standards after eight years of development. They are encouraging immediate adoption to protect against future threats from quantum computers.
Meta’s Web Crawlers: it’s called “external agent” to gather data for training with the growing need for high-quality data to fuel increasingly complex AI systems.
Deep Dive:
1. SB1047/ California AI Bill and the Reactions:
The California AI bill (SB 1047) mandates safety testing for AI models costing over $100 million to develop, requires developers to have methods for turning off AI models if they go awry, and gives the state attorney general power to sue non-compliant developers. Source: Reuters
Despite revisions to the bill, OpenAI expressed concerns about its impact on innovation and called for federal AI regulation instead. Source: Bloomberg
Senator Wiener, the bill's sponsor, defended the legislation, arguing that it balances AI innovation with safety and addresses foreseeable risks. Source: Senator Scott Wiener
Next? The California Assembly will vote on the bill. If it passes, it will advance to Governor Gavin Newsom to sign or veto. This bill could set a precedent for AI regulation nationwide.
2. Harris Presidency and its Implications for AI Policy:
Experts believe that a Harris presidency could build upon the Biden administration's AI executive order, potentially leading to more aggressive steps toward AI regulation. Source: Observer
Harris's experience with AI-generated misinformation could inform her approach to AI policy, with a focus on addressing the risks of AI bias and weaponization against vulnerable communities. Source: Observer
A Harris administration might prioritize fostering competition and innovation within the AI sector, potentially targeting monopolistic behavior in Big Tech. Source: Observer
Watch: Keep an eye on Harris’s stances on AI during the campaign. A potential Harris presidency could signal a shift toward more proactive and inclusive AI policies.
3. CVE-2024-38063 IPv6 RCE Unfolding Stories:
This critical vulnerability allows attackers to remotely execute code on Windows machines by sending specially crafted IPv6 packets, posing a significant threat due to its wormable nature. Source: The Register
Disabling IPv6 might seem like a quick fix, but security experts advise against it as it could impact system availability. Installing the Microsoft patch is the recommended course of action. Source: The Stack
The vulnerability highlights the importance of regularly patching systems and conducting thorough security assessments to identify and mitigate potential risks. Source: CSO Online
Action: Immediately install the Microsoft patch to fix this critical vulnerability and prevent potential attacks. Regularly review and update security protocols.
4. Post Quantum Encryption Standards:
NIST has chosen three encryption algorithms, ML-KEM, ML-DSA, and SLH-DSA, as the basis for its post-quantum cryptography (PQC) standards. Source: NIST
These standards are designed to withstand attacks from both classical and quantum computers, safeguarding sensitive information as quantum computing technology develops. Source: CSO Online
Experts are encouraging computer system administrators to begin transitioning to these new standards as soon as possible to protect against future threats. Source: NIST
Advice: Develop a strategy for migrating to these new PQC standards to protect your organization against future quantum computing threats.
5. A New Web Crawler Called External Agents:
Meta's new web crawler, “external agent”, scrapes data from the web to train AI models, specifically their Llama language model. Source: Fortune
This highlights the ongoing reliance of AI companies on vast amounts of data to improve the functionality and performance of their AI models. Source: Fortune
The development of increasingly sophisticated web crawlers raises concerns about data privacy and the ethical implications of data scraping for AI development.
Expect: continued debate and potential regulations surrounding data collection practices used by AI companies.
