Cars have become rolling listening posts. They can track phone calls and texts, log queries to websites, record what radio stations you listen to — even tell you when you are breaking the law by exceeding the speed limit.
Automakers, local governments, retailers, insurers and tech companies are eager to leverage this information, especially as cars transform from computers on wheels into something more like self-driving shuttles. And they want to tap into even more data, including what your car’s video cameras see as you travel down a street.
It’s unclear how much of the personal information wasn’t yet public. Some of the records, viewed by Gizmodo at the Voting Village, a collection of real, used voting machines that anyone could tinker with at the DEF CON hacker conference in Las Vegas, include not just name, address, and birthday, but also political party, whether they voted absentee, and whether they were asked to provide identification.
For years, the companies that hoover up your internet browsing and other data have proclaimed that you don't really have anything to worry about, because the data collected on you is "anonymized." In other words, because the data collected about you is assigned a random number and not your name, you should be entirely comfortable with everything from your car to your smart toaster hoovering up your daily habits and selling them to the highest bidder. But studies have repeatedly shown that it only takes a few additional contextual clues to flesh out individual identities. So in an era of cellular location, GPS, and even smart electricity data collection, it doesn't take much work to build a pretty reliable profile on who you are and what you've been up to.
In a keynote demonstration at the DEF CON hacking convention Hyrum Anderson, technical director of data science at security shop Endgame, showed off research that his company had done in adapting Elon Musk’s OpenAI framework to the task of creating malware that security engines can’t spot.
The system basically learns how to tweak malicious binaries so that they can slip past antivirus tools and continue to work once unpacked and executed. Changing small sequences of bytes can fool AV engines, even ones that are also powered by artificial intelligence, he said. Anderson cited research by Google and others to show how changing just a few pixels in an image can cause classification software to mistake a bus for an ostrich.
The upshot here is that slight alterations to an image that are invisible to humans can result in wildly different (and sometimes bizarre) interpretations from a machine learning algorithm. These "adversarial images" have generally required relatively complex analysis and image manipulation, but a group of researchers from the University of Washington, the University of Michigan, Stony Brook University, and the University of California Berkeley have just published a paper showing that it's also possible to trick visual classification algorithms by making slight alterations in the physical world. A little bit of spray paint or some stickers on a stop sign were able to fool a deep neural network-based classifier into thinking it was looking at a speed limit sign 100 percent of the time.
At a conference in July, Disney Research presented a new process called factorized variational autoencoders (FVAEs). Put in plain English, it measures complex audience reactions by assessing facial expressions.
This deep-learning system has been trained to watch an audience of hundreds of faces in a darkened theatre, and to track their reactions: Are they smiling or crying? Bored or asleep, even?
- When did The Simpsons jump the shark? In Spanish, but check out the graph, it's pretty clear.
Data Links is a periodic blog post published on Sundays (specific time may vary) which contains interesting links about data science, machine learning and related topics. You can subscribe to it using the general blog RSS feed or this one, which only contains these articles, if you are not interested in other things I might publish.
Have you read an article you liked and would you like to suggest it for the next issue? Just contact me!