The Fallacy of Artificial General Intelligence: Microsoft's Recognition of the Limits of LLMs

-
  Microsoft released a research work last week [1] that claims that GPT-4 capabilities can be viewed as an early version of Artificial General Intelligence. The authors states that " the breadth and depth of GPT -4's capabilities, we believe that it could reasonably be viewed as an early (yet still incomplete) version of an artificial general intelligence (AGI) system. "  The researchers adopted the following definition of human Intelligence to reach this conclusion: " a very general mental capability that, among other things, involves the ability to reason, plan, solve problems, think abstractly, comprehend complex ideas, learn quickly and learn from experience. ". According to the same paper, the definition was proposed in 1994 by a group of psychologists. Interestingly, the authors of the paper [1] acknowledges that the definition of human intelligence is somehow restrictive. They also acknowledge that some components of this definition are currently missing
Post a Comment

The management of administrative privileges in Oracle Solaris

-

Oracle Solaris presents an interesting approach for distributing root privileges to Solaris users. Their approach has been stable since it was defined in 2003. The approach adopted the RBAC model for defining roles that Solaris users can assume. Solaris considers the root account as a role that users can take. In Solaris, roles are user accounts that cannot log in; thus, each role has an associated password that can be shared by a group of users that share the same role.

From the kernel point of view, Solaris defines four sets of privileges for each process: Effective set, permitted set, Inheritable set, and Limit set. Effective and permitted sets are handled in the same manner as Linux. However, Inheritable and Limit sets are calculated differently during exec() call. In particular, Solaris authorizes the inheritance of privileges after an exec() call, even when the executable doesn’t have privileges stored in its binary. More interestingly, instead of storing privileges in the extended attributes of executables, Solaris provides administrators with a set of central databases (user_attr, prof_attr, and exec_attr) for storing privileges and roles, and user attributes. 

Under Solaris, administrators should define the privileges they can grant to the right profile using the profiles command. They can then assign the right profile to roles or users using rolemod and usermod commands. Users can obtain these privileges when logged in if the right profile is assigned to them directly or when they assume roles if the right profile is granted to roles.

In addition, Solaris allows administrators to define the programs (e.g.,/usr/sbin/snoop) or even scripts that a user/role can use with the privileges defined in the right profile. Administrators can also define the resource that can be used with the privilege. For example, administrators can limit the use of net_privaddr (which allows any program to bind to a port less than 1024) to port 80 and TCP protocols. 

For more clarification, we have implemented our Python script scenario in Solaris 11.3. We have first defined the right profile for an HTTP server python script and the privileges to attribute to this script (net_privaddr and file_dac_execute).  



Then we assign the right profile to a role (testrole) using the command rolemod. And finally, we let the user test assume the role testrole



Interestingly, testrole permits only to execute httpserver4.py, the script declared in the right profile, but not httppython4.py, which is a copy of httpserver4.py, but not declared in the right profile

 


In addition, it is possible to precise the resources on which privileges can be used. For example, the privilege net_privaddr permits to our script to bind to any port less than 1024. We may refine this privilege by allowing our script to bind only at port 80. We can also restrict the privilege file_dac_execute to execute only our script.

 


Finally, Solaris provides users the command ppriv (ppriv –De command) for knowing which privileges programs ask for. This is an important feature that is not present in Linux, but developed by a RootAsRole using eBPF https://github.com/SamerW/RootAsRole

 

Comments

Post a Comment

Popular posts from this blog

What does information security really mean?

-
Security is defined by Meriam-Webster Dictionary  [1] as  the quality or state of being secure.  Secure itself is defined as :  free from danger  or free from risk of loss If we have one million dollars and live in a utopian world, we will not be worried about the dangers that could exist to our money. We may leave our money in the street and label them with our name; no one will take them. Thus, the security and even trust concepts are not relevant in this world because we are sure that everyone is good and has good intentions. In a dystopian world, we are almost sure that dangers exist. Therefore, almost everyone is interested in our assets. In this world, Security is critical as it is the only way that allows us to survive. Trust is relevant also but should be used much less frequently than Security.   In the real world, we are between the utopia and dystopia worlds. We are not sure about the existence or absence of dangers, and yet we need to make decisions about protecting our ass
Read more

Can we build perfect secure ciphers whose key spaces are small?

-
We tend to believe that having a big keyspace is necessary to ensure the secrecy of our information. While this belief is correct for most of our communications, there will be cases when we can obtain perfect secure ciphers whose key spaces are small.  We need to check Shannon’s definition of Perfect Secrecy to see how it is possible. Claude Shannon has many contributions. One of his main contributions was the transformation of cryptography from an art into a rigorous science using probability theory.  In his work, entitled "Communication Theory of Secrecy Systems" 1 ,  Shannon defined the concept of Perfect Secrecy and   proved that the Vernam Cipher is perfectly secure.  Shannon stated that " “Perfect Secrecy” is defined by requiring of a system that after a cryptogram is intercepted by the enemy the a posteriori probabilities of this cryptogram representing various messages be identically the same as the a priori probabilities of the same messages before the intercept
Read more

ChatGPT or CheatGPT? The impact of ChatGPT on education

-
Image
On November 30, OpenAI launched its AI chatbot called ChatGPT. ChatGPT is the most important revolution we have ever had on the Internet, much more important than Blockchains and NFTs. The capacities of ChatGPT are phenomenal. It can do many things, such as writing poems, writing and summarising articles, writing and debugging codes, and solving puzzles and mathematical questions. In addition, the ChatGPT tool can also be used with other tools such as DALL.E 2 (https://openai.com/dall-e-2/) to generate drawings or the Philosopher AI to answer philosophical questions (https://philosopherai.com/). Some tools can also allow the creation of music based on our lyrics. For example, we may use ChatGPT to generate some lyrics and give them to another AI tool to develop our song. If we look at the impacts of these tools pessimistically, the development of AI tools would mean the end of human intelligence and the triumph of human stupidity when only influential individuals can access these tools
Read more