As I’ve been saying over and over again here (mostly to offset the officials who over-optimistically state Russia can learn or adapt from mistakes) we’re looking at a paper bear going to war in Ukraine.
A dictatorship that destroys imagination and criminalizes innovation, there is little to no chance its troops being trained in how to learn and adapt to any immediate challenge (with the exception of looting and stealing).
The Atlantic now writes this in very exact language from the front lines of war in Ukraine.
He said he had spent much of the past few weeks in the trenches northwest of Kyiv. “The Russians have no imagination,” he said. “They would shell our positions, attack in large formations, and when their assaults failed, do it all over again. Meanwhile, the Ukrainians would raid the Russian lines in small groups night after night, wearing them down.”
It’s proof of both why technology augmentation works so well (human intelligence) and why technology automation is a disaster (human replacement).
“The Russians don’t empower their soldiers,” Zagorodnyuk explained. “They tell their soldiers to go from Point A to Point B, and only when they get to Point B will they be told where to go next, and junior soldiers are rarely told the reason they are performing any task. This centralized command and control can work, but only when events go according to plan. When the plan doesn’t hold together, their centralized method collapses. No one can adapt, and you get things like 40-mile-long traffic jams outside Kyiv.”
This is not to underestimate the suffering caused by Russia.
Just like Nazi Germany, totally ignorant dis-empowered soldiers can commit some of the worst war crimes imaginable and untold destruction of humanity. Even as they fail and falter, plans falling apart, men intent on doing harm can lash out relentlessly and try to take others down with them.
And just like Nazi Germany the war was lost very early, at least by 1942, but they kept fighting anyway for years and committing genocide. Nobody knows what happens next. Things could get worse before they get better. I didn’t even think Russia would invade because to do so is so incredibly stupid and self-defeating. That was my mistake, and I’ve since learned that the Kremlin is even dumber than I had imagined.
The idea of a worse future due to AI is rooted in understanding how automation of bad things happened in the past (e.g. philosophy, politics, economics), and how that will mean even more bad things ahead.
Ifeoma Ajunwa has written an amazing article giving exactly the kind of example we all should study.
He points out what any intelligent human operator would key in on: known qualifications.
…as Sen. Amy Klobuchar helpfully shared on the first day of hearings for Judge Jackson’s confirmation, the nominee has more judicial experience than “four people who are already on the Supreme Court.”
And before that, he points out what un-intelligent (e.g. dumb robot) operators get stuck on: fear based on the unfamiliar or unknown (e.g. racism).
If there were any doubt that this social discrimination still exists, just consider the minimally veiled racist remarks Tucker Carlson made about Judge Jackson’s African name while questioning her credentials. “So, is Ketanji Brown Jackson—a name that even Joe Biden has trouble pronouncing—one of the top legal minds in the entire country?” he asked. In the world of Fox News, an African name alone is disqualifying.
So true. So well said.
But it gets even better. Ifeoma links his analysis to a history of systemic racism in America.
In 2004, Marianne Bertrand and Sendhil Mullainathan published a now-famous field experiment they conducted to test racial discrimination in hiring. They responded with fictitious résumés to help-wanted ads in Boston and Chicago newspapers. They assigned each résumé either a very African American–sounding name (think Lakisha and Jamal) or a very White-sounding name (think Emily or Greg). One result: In general, résumés with White (read European) names received 50 percent more callbacks for interviews. Bertrand and Mullainathan also found that the amount of discrimination was the same across occupations and industries.
The employers did not know for certain that the job applicants were Black Americans—they were making the conclusion based on how they perceived the name.
How our brains perceive a name can be actively manipulated by “deliberately misleading” partisan extremists like Tucker “gas chamber” Carlson.
For weeks, Fox News host Tucker Carlson’s prime-time show has featured racist attacks…
The fact that an alleged asset of foreign military intelligence (Russia) can poison information so openly in America is disappointing on its own, of course. Even worse is when automation technology gives them far more impact.
…open-ended endorsement of white supremacist ideology…
Recognize that Fox is a past form of automation and therefore foreshadowing of the ugly side to AI. The ability to move racism faster and wider, to create more harm more quickly than before, will be the outcome of “open-ended” use of technology for hate.
Google is aware that an exploit for CVE-2022-1096 exists in the wild.
There is only one CVE listed in the update announcement, which hints towards a higher severity than just HIGH not to mention exploits exist in the wild.
The Stable channel has been updated to 99.0.4844.84… This update includes 1 security fix.
It also follows news of attribution for an exploit circulating at the start of 2022, which claims North Korea hunted Americans on Google Chrome with CVE-2022-0609 to steal crypto coin and intelligence.
Remember when Kaspersky in 2018 lost an obviously stupid lawsuit that claimed the U.S. government shouldn’t be able to prohibit products harmful to society?
U.S. District Court Judge Colleen Kollar-Kotelly wrote in her May 30 opinion that U.S. networks and computer systems are “extremely important strategic national assets” whose security depends on the government’s ability to act swiftly against potential threats, even if such actions cause adverse affects for third-party providers like Kaspersky Labs. “These defensive actions may very well have adverse consequences for some third-parties. But that does not make them unconstitutional,” Kollar-Kotelly wrote.
On a related note, Americans I know personally who foolishly agreed to attend Kaspersky CEO’s invite-only security “bash” on a tropical island… ended up with food poisoning and severe illness. Projectile vomit.
True story.
Well, the big news today is that under a 2019 law the FCC has just formally added AO Kaspersky Lab along with China Telecom and China Mobile to a national security threat list.
Kaspersky earlier this year was also in the news when the German government issued a warning, and again when their CEO gave a rather tone-deaf message about Russia invading Ukraine.
“Better to have stayed silent than to have called an invasion a ‘situation’ that requires a ‘compromise’,” Rik Ferguson, of rival cyber-security company TrendMicro, tweeted.
That makes me like TrendMicro.
Think of Kaspersky in terms of a security software vendor telling customers that a serious breach is a situation needing compromise when attackers are Russian. Who would really want to use that vendor versus one that actually defended against being breached?
Some also may remember Kaspersky’s handling of the infamously traitorous General Michael Flynn by giving him large cash payments.
Flynn also received $US11,250 ($14,667) from Kaspersky Government Security Solutions, Inc., described as the US subsidiary of Kaspersky Lab, a Russian cybersecurity firm, according to the documents.
Yes, he was traitorous. Any U.S. General full well knows how businesses and criminal enterprises in Russia are direct extensions of Russian intelligence whenever the Kremin chooses. It’s really no understatement to call Flynn a traitor.
As I told journalists in 2017 (clumsily, I admit): while Mandiant is close to NSA, Crowdstrike is close to FBI, we can’t compare the collaborations with Russia because Putin’s dictatorial control model is completely different from congressional contracts and hand-outs.
Israeli intelligence had since 2014 sounded the alarm to anyone in the U.S. willing to listen to intelligence.
Source: “How Israel Caught Russian Hackers Scouring the World for U.S. Secrets”, New York Times
Perhaps also worth mentioning here, since we’re talking about remembering things, Facebook around 2014 started to carefully audit anyone who came to their site… and then actively pushed Kaspersky code as “free” help.
The problem with Facebook is thousands of active phishing scams but the social media giant has partnered with popular security software developer firm Kaspersky so that users could identify and remove malware from their computers.
Popular security software developer firm Kaspersky? According to what population?
Let’s be honest here.
The real question is whether users could identify and remove the threat from the relatively unheard of Kaspersky software being pushed upon them by Facebook’s security team? I guarantee the vast majority of users had never heard that name before Facebook made it a required “checkpoint” to login.
Moreover, does having a problem with phishing on Facebook sound anything close to being a relevant reason to push an unfamiliar Russian content scanning tool onto people?
In a Facebook post, Facebook’s Software Engineer Threat Infrastructure Team head Trevor Pottinger explained: “To make this programme even more effective, Kaspersky Lab is bringing their expertise… we will offer Kaspersky Malware Scan for Facebook… in the past three months, we have helped [run Kaspersky code on] more than 2 million people’s computers.”
Facebook safety “checkpoint” hit millions of users. Was it Russian surveillance or just Russian code meant “to help”?
Facebook knew exactly who had run the Kaspersky code. They boasted about knowing how many people ran it.
You’ll never guess what happened next.
When called to account for their very precise user tracking and audit practices, Facebook tried to plead total ignorance as if there had been no factual basis to loudly boast “more than 2 million” users had Kaspersky pushed onto them.
Faked malware to harm its own employees and rival companies while pushing into U.S. Government sales. No wonder that now-disgraced Facebook CSO, known for failing to disclose the largest breaches in history, was so welcoming.
For context on why this all might sound so evil the two founders of Kaspersky served as Russian intelligence (KGB). Twice there have been major disagreements at the executive level and its CEO has had major exodus of talent as he consolidated control and refused to be transparent, allow other views, or resolve disputes.
So while it’s really good to see Kaspersky finally being handed the kind of label it has always deserved, I’m disappointed that a heavily Russian-backed Russian-asset like Facebook wasn’t included (as I’ve warned about publicly since at least February 2011 and why I deleted my Facebook account in 2009).
After this FCC explicit ban on Kaspersky should we get to call it the most anti-democratic software ever? Or does that crown remain on Facebook (not least of all for peddling Kaspersky)?
Also, US sales of Kaspersky (under $50m) is tiny compared to the UK (over $500m), so maybe the real question is how much exposure does American national security have to British system compromise.
