The Fallacy of Artificial General Intelligence: Microsoft's Recognition of the Limits of LLMs

-
  Microsoft released a research work last week [1] that claims that GPT-4 capabilities can be viewed as an early version of Artificial General Intelligence. The authors states that " the breadth and depth of GPT -4's capabilities, we believe that it could reasonably be viewed as an early (yet still incomplete) version of an artificial general intelligence (AGI) system. "  The researchers adopted the following definition of human Intelligence to reach this conclusion: " a very general mental capability that, among other things, involves the ability to reason, plan, solve problems, think abstractly, comprehend complex ideas, learn quickly and learn from experience. ". According to the same paper, the definition was proposed in 1994 by a group of psychologists. Interestingly, the authors of the paper [1] acknowledges that the definition of human intelligence is somehow restrictive. They also acknowledge that some components of this definition are currently missing
Post a Comment

What does information security really mean?

-

Security is defined by Meriam-Webster Dictionary  [1] as  the quality or state of being secure. 

Secure itself is defined as :  free from danger  or free from risk of loss



If we have one million dollars and live in a utopian world, we will not be worried about the dangers that could exist to our money. We may leave our money in the street and label them with our name; no one will take them. Thus, the security and even trust concepts are not relevant in this world because we are sure that everyone is good and has good intentions.



In a dystopian world, we are almost sure that dangers exist. Therefore, almost everyone is interested in our assets. In this world, Security is critical as it is the only way that allows us to survive. Trust is relevant also but should be used much less frequently than Security.

 

In the real world, we are between the utopia and dystopia worlds. We are not sure about the existence or absence of dangers, and yet we need to make decisions about protecting our assets. We need thus to learn how to use Security and Trust. 


Trust has no cost, efficient, and makes trusted people happy

Security is expensive, complex and makes controlled people unhappy


Our role is always to find the best trade-off between security and trust. Trust has no cost and is efficient; we should use it whenever possible. So we should always build some justification before deciding to use security. The reason should come from the fact that there are essential indicators that entities from which we want to protect ourselves can betray our trust. The justification should also be elaborated to define the convenient security mechanisms so that we will not over-secure or under-secure our assets. This is part of a formal process called risk management. 


Based on the Security definition given by Meriam-Webster Dictionary, we can define Information Security as 


The absence of dangers or risk of loss to the information 


The dangers are the threat entities interested in accessing our information without authorization. The risk of loss in the context of information security represents the probability that we can estimate some bad events that could affect our information. Therefore, we need always to be able to define the risks to our data to determine the required security mechanisms to help reduce the risk (probability) of information loss.


Information security is the ultimate objective we want to achieve, but we need to be more specific about the term "information security." What are the characteristics of the information that we want to protect? We should, in general, do our best to avoid the usage of the term "information security" by trying to be more specific, whether we want to protect the Confidentiality, Integrity, or Availability of the information. Sometimes, securing the data can be done only by preserving one of the characteristics, and sometimes we need all of them. The type of information defines what the required security objectives are. For example, I want to ensure my private key's confidentiality and integrity. Still, I need only to protect the integrity of my public key to ensure that no one can link my identity to his public key. The availability security objective is about the intentional attacks that prevent us from accessing our information (e.g., Ransomware). We don't study the problems that can unintentionally affect the access to our information, which is usually referred to as reliability which is generally considered out of the security's scope.


It is essential to ensure that the security objectives defined for one information (e.g., private keys) are respected during the different information states. The information can be stored (e.g., using cryptocurrency wallets), transferred (e.g., using HTTPS protocol), or processed (e.g., using TEE environment or Yubikey).



Information security is thus definitely based on the security of other elements or tools that are used to manage the information: such as computers, networks, internet, mobile, software, etc. However, humans are also important to consider as many attacks happen because of human vulnerabilities (e.g., phishing attacks) and not always because of technological tools' vulnerabilities. 


From the viewpoint of attackers, accessing users' information illegally consists of finding vulnerabilities in any of the tools used to manage the users' information. As we all know, all the tools used to manage users' information have never been proven secure. All vendors know that their tools can have some vulnerabilities, and they hope to find them before the attackers and help their clients close these vulnerabilities before attackers can find them. So, we need today to find another definition of information security, the one that we can apply. We can give the following practical definition of information security as follows:


The ability of information tools vendors to find vulnerabilities before the attackers and to help their clients close them before they are exploited by attackers.


Vendors always do their best to find the vulnerabilities before the attackers by using different methods such as bounty programs. But unfortunately, attackers can often find the vulnerabilities before the vendors (e.g., zero-day vulnerability), and clients are not constantly updating their systems on time. So this should explain why we should always expect attacks in the future and why there is nothing secure 100%.



References

  1. https://www.merriam-webster.com/dictionary/secure

Comments

Post a Comment

Popular posts from this blog

Can we build perfect secure ciphers whose key spaces are small?

-
We tend to believe that having a big keyspace is necessary to ensure the secrecy of our information. While this belief is correct for most of our communications, there will be cases when we can obtain perfect secure ciphers whose key spaces are small.  We need to check Shannon’s definition of Perfect Secrecy to see how it is possible. Claude Shannon has many contributions. One of his main contributions was the transformation of cryptography from an art into a rigorous science using probability theory.  In his work, entitled "Communication Theory of Secrecy Systems" 1 ,  Shannon defined the concept of Perfect Secrecy and   proved that the Vernam Cipher is perfectly secure.  Shannon stated that " “Perfect Secrecy” is defined by requiring of a system that after a cryptogram is intercepted by the enemy the a posteriori probabilities of this cryptogram representing various messages be identically the same as the a priori probabilities of the same messages before the intercept
Read more

ChatGPT or CheatGPT? The impact of ChatGPT on education

-
Image
On November 30, OpenAI launched its AI chatbot called ChatGPT. ChatGPT is the most important revolution we have ever had on the Internet, much more important than Blockchains and NFTs. The capacities of ChatGPT are phenomenal. It can do many things, such as writing poems, writing and summarising articles, writing and debugging codes, and solving puzzles and mathematical questions. In addition, the ChatGPT tool can also be used with other tools such as DALL.E 2 (https://openai.com/dall-e-2/) to generate drawings or the Philosopher AI to answer philosophical questions (https://philosopherai.com/). Some tools can also allow the creation of music based on our lyrics. For example, we may use ChatGPT to generate some lyrics and give them to another AI tool to develop our song. If we look at the impacts of these tools pessimistically, the development of AI tools would mean the end of human intelligence and the triumph of human stupidity when only influential individuals can access these tools
Read more