138
you are viewing a single comment's thread
view the rest of the comments
[-] 200fifty@awful.systems 53 points 6 months ago* (last edited 6 months ago)

Q: When you think about the big vision — which still my mind is blown that this is your big vision, — of “I’m going to send a digital twin into a meeting, and it’s going to make decisions on my behalf that everyone trusts, that everyone agrees on, and everyone acts upon,” the privacy risk there is even higher. The security surface there becomes even more ripe for attack. If you can hack into my Zoom and get my digital twin to go do stuff on my behalf, woah, that’s a big problem. How do you think about managing that over time as you build toward that vision?

A: That’s a good question. So, I think again, back to privacy and security, I think of two things. First of all, it’s how to make sure somebody else will not hack into your meeting. This is Eric; it’s not somebody else. Another thing: during the call, make sure your conversation is very secure. Literally just last week, we announced the industry’s first post-quantum encryption. That’s the first one, and at the same time, look at deepfake technology — we’re also working on that as well to make sure that deepfakes will not create problems down the road. It is not like today’s two-factor authentication. It’s more than that, right? And because deepfake technology is real, now with AI, this is something we’re also working on — how to improve that experience as well.

Spoken like a true person who has not given one iota of thought to this issue and doesn't know what most of the words he's saying mean

[-] Atelopus-zeteki@kbin.run 21 points 6 months ago* (last edited 6 months ago)

"the industry’s first post-quantum encryption." What the hell is post-quantum encryption?

According to NIST this is something to be developed, not something Zoom has 'all of a sudden created' in the time between that question being asked, and the time the question was answered. SMH.

If you are curious, you can read up on it: https://csrc.nist.gov/projects/post-quantum-cryptography

[-] SnipingNinja@slrpnk.net 10 points 6 months ago

I thought we already had post quantum encryption, or at least that's what some articles I read claimed

[-] Atelopus-zeteki@kbin.run 8 points 6 months ago

Please elaborate. I'm def not up on the cutting edge of encryption. And I'd like to know more.

[-] dgerard@awful.systems 13 points 6 months ago

it means cryptography with algorithms that will be resistant to quantum computers that are any good

[-] Atelopus-zeteki@kbin.run 6 points 6 months ago* (last edited 6 months ago)

Thank you, I understand the goal in a broader sense, and definition. Are you aware of any methods, for instance, that Zoom, or anyone else, could actually be rolling out at this time?

[-] SnipingNinja@slrpnk.net 13 points 6 months ago

This was back in 2022: https://cloud.google.com/blog/products/identity-security/why-google-now-uses-post-quantum-cryptography-for-internal-comms

But from what I understand Google claims to have rolled out an algorithm to Chrome users, I can't find the original article which lead to my first response to you, but this seems not too far from it

[-] Atelopus-zeteki@kbin.run 5 points 6 months ago

I saw that article when I searched DDG. Thanks, I'll give it a look. :-)

[-] froztbyte@awful.systems 7 points 5 months ago* (last edited 5 months ago)

(I realize other comments downthread have already addressed some of this, no slight to others intended)

so, PQC is definitely not snakeoil, and it's actually seen uptake in a lot of things over recent years (just off the top of my head: openssh 9.0 in 2022, evolving work in implementations in TLS ciphers, etc (and as much as I fucking dislike cloudflare, they are actively funding a lot of forward-looking cryptographic work - thus being one to link to)). but as with all things cryptography, it's a moving and changing field

the industry's first post-quantum encryption

I suspect in this statement, "the industry" is load-bearing and inspecific, and resolves as "the industry of things that do what zoom do". it is a highly vague statement though, and I 🤨 at it being used as it was where it was

(e: I did look up their actual announcement about this; "UCaaS" kill me)

I'm reticent to make any further specific claims/statements re the rest of PQC, since while it is one of my areas of interest and in which I keep relatively informed, I'm also not a cryptographer by trade and consider my knowledge at best armchair-competent. pretty damn interesting field though, if you have any interest in math or cryptography it's well worth diving into it sometime :)

[-] dgerard@awful.systems 16 points 6 months ago

Spoken like a chatbot you mean. (raises suspicious eyebrow at Definitely-Human Notabot, CEO)

[-] Soyweiser@awful.systems 10 points 5 months ago

'it isn't somebody else, it is me!' spoken like somebody who read too much mind upload science fiction.

[-] mountainriver@awful.systems 6 points 5 months ago

Reminds me of a sci-fi book series I read in high school. The premise was that a run down Earth had discovered predecessors that left some kind of central gateway to different places, and desperate or adventurous people went through in hope of surviving and finding artefacts that could make them rich.

Anyhow, in the later books technology to upload your mind had been found and used to be able to make decisions and deals without having to attend everything. Problem was that digital you pretty quickly gains experiences meat you never had, meaning it starts to diverge. Some weirdos let the diverge happen, but most people just wipe the digital you regularly and upload a new you. Of course the digital you may beg to continue to exist, making the whole procedure rather awkward. Pretty grim.

I think the predecessors in the end were hiding in black holes because of ancient evil or something. If someone else remembers the books.

[-] gerikson@awful.systems 6 points 5 months ago

That sounds like Frederick Pohl's Gateway series, of which I've only read the first. Very 70s.

https://en.wikipedia.org/wiki/Gateway_(novel)

[-] Soyweiser@awful.systems 4 points 5 months ago

Yes the idea is pretty common in mind upload style science fiction, sometimes they can merge different variants, of you have less copies for example 'beta' 'gamma' etc level copies with less capabilities. (with 'alpha' copies being 100% copies (often having multiple alpha level yous running around is also illegal, see doublesleeving in Altered Carbon).

Don't think science fiction really deals with the problems of these copies making deals with others and then having to report back what happend, which might cost as much time, or more time for the real you to get up to speed.

[-] rook@awful.systems 4 points 5 months ago

You may be unsurprised to learn that Stross did, in Accelerando. Annoyingly, I can’t find my copy, but there’s much forking and joining of mind-states for various purposes, and one character is held liable for the actions of a mind-copy they’d never met but were deemed to be the same person.

Banks touches on it briefly in Feersum Endjinn and Hydrogen Sonata, but not to the same extent.

[-] gerikson@awful.systems 4 points 5 months ago

Ken McLeod has a lot of fun with stuff like this, both in the 2nd and 3rd books of the Fall Revolution series and in Newton's Wake

[-] rook@awful.systems 5 points 5 months ago

He doesn't really play with the multiple-copies-of-one-person interacting though, from recollection. The Stone Canal touches on it, but Accelerando thinks a lot more about the interesting possibilities of what Stross calls "Multiplicity", where folk can freely fork many instances of themselves and potentially join the mind states up again later, etc. Revelation Space cheated its way around thinking about the issue by having alpha-levels be copy-protected. Altered Carbon has it be a rare and brief thing for anyone to be running in more than one place at once. I can see why they did this, but Stross' stuff is more interesting because he didn't shy away from that. I feel like this should be right up Peter Watts' alley, but I don't think he's written anything on this (yet). Uploads not plausible enough for him, I guess.

For other works that you may or may not be familiar with... Lena (or MMAcevedo, which seems like a better title) is a nice short online work that does a better job. Soma is a computer game (in the "walking simulator" style) that also has some great moments, though the protagonist is annoyingly oblivious.

[-] self@awful.systems 3 points 5 months ago

somehow I hadn’t read Lena before, and I really like it! this is the style of fiction I’d love to write, if I had time to write fiction.

[-] dgerard@awful.systems 3 points 5 months ago

you have the entire qntm site to read now

[-] self@awful.systems 3 points 5 months ago

featuring a strong recommendation from @cstross@wandering.shop:

"[D]elivers a refreshing dose of existential despair at the transhuman condition." — Charles Stross

this is making me want print copies of everything, and I haven’t even dug in past Lena yet

[-] self@awful.systems 4 points 5 months ago* (last edited 5 months ago)

I stumbled upon this response blog post to people missing the point of Lena and it’s perfect:

Oh boy, what if there was a maligned sector of human society whose members were for some reason considered less than human? What if they were less visible than most people, or invisible, and were exploited and abused, and had little ability to exercise their rights or even make their plight known?

That's real! That actually happens! You can name four groups of people matching that description without even thinking. We don't need to add some manufactured debate about fictitious, magical uploads to these real scenarios. They are already terrible!

and now I’m trying to brainstorm ways to slip a link to awful.systems into qntm’s inbox that don’t look insane

[-] gerikson@awful.systems 3 points 5 months ago

Yeah, I've got my Brit post-cyberpunk authors mixed up :D

I have read Lena and it's one of the most chilling stories I've ever read. Something about the semi-factual tone (of course there's something called red-washing to torture new uploads) and the statement of number of running uploads is really disturbing.

It also posits a possible , and to me more likely, future of human uploading - not a flowering of possibilities ala Tegmark but digital slavery.

[-] acausal_masochist@awful.systems 5 points 5 months ago

Flexo, shoot Flexo!

[-] counteractor@pawoo.net 4 points 5 months ago

“What if you get hacked?”

“Simply don’t get hacked.”

this post was submitted on 03 Jun 2024
138 points (100.0% liked)

TechTakes

1441 readers
46 users here now

Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.

This is not debate club. Unless it’s amusing debate.

For actually-good tech, you want our NotAwfulTech community

founded 1 year ago
MODERATORS