Author name: Mike M.

fcc-bans-cable-tv-industry’s-favorite-trick-for-hiding-full-cost-of-service

FCC bans cable TV industry’s favorite trick for hiding full cost of service

cable tv, fcc cable prices, Policy / /
A person's hand aiming a cable TV remote control at a TV screen

Getty Images | stefanamer

Cable and satellite TV companies must start advertising “all-in” prices instead of using hidden fees to conceal the full cost of video service, the Federal Communications Commission said in new rules adopted last week.

The FCC voted to adopt the rules on March 14, and the final text of the order was released yesterday. The rules are aimed in particular at the Broadcast TV and Regional Sports Network fees charged by Comcast and other companies.

For years, TV providers have advertised artificially low prices that don’t include such fees. The actual bills received by subscribers thus have prices much higher than the advertised rates.

“The record indicates that approximately 24 to 33 percent of a consumer’s bill is attributable to company-imposed fees such as ‘Broadcast TV Fees,’ ‘Regional Sports Surcharges,’ ‘HD Technology Fees,’ and others, and that the ‘dollar amount of company-imposed fees has skyrocketed,'” the FCC order said.

Cable and satellite companies say the Broadcast TV and Regional Sports fees reflect the ever-rising price of acquiring content from programmers. But acquiring programming is the cost of doing business as a TV provider—with no channels to offer, there would be no reason for consumers to buy the service.

Cable lobby mad about “micromanagement”

One of the new rules states that cable and satellite TV “providers that communicate a price for video programming in promotional materials shall state the aggregate price for the video programming in a clear, easy-to-understand, and accurate manner.”

A similar rule will apply to customer bills, requiring an aggregate price in a single line item. In both advertisements and customer bills, the operator must state whether the price is a promotional rate and what the full price will be after the promotion expires.

Cable lobby group NCTA-The Internet & Television Association claimed that the commission’s “micromanagement of advertising in today’s hyper-competitive marketplace will force operators to either clutter their ads with confusing disclosures or leave pricing information out entirely.” The NCTA previously disputed the FCC’s legal authority to issue the rules, which indicates that the industry may sue the commission in an attempt to block the order.

The TV all-in pricing rules won’t take effect immediately. Because they include information-collection requirements, they are subject to a Paperwork Reduction Act review by the US Office of Management and Budget. The rules will take effect after that review or after nine months, whichever is later.

The FCC previously adopted rules requiring broadband providers to list all of their monthly fees and other information in a format modeled after nutrition labels. The broadband label rules take effect next month.

“Beginning April 10, 2024, consumers should look for broadband labels at any point of sale, including online and in stores,” the FCC says. “The labels must disclose important information about broadband prices, introductory rates, data allowances, and broadband speeds. They also include links to information about network management practices and privacy policies.”

FCC bans cable TV industry’s favorite trick for hiding full cost of service Read More »

formula-1-chief-appalled-to-find-team-using-excel-to-manage-20,000-car-parts

Formula 1 chief appalled to find team using Excel to manage 20,000 car parts

Biz & IT, Cars, Excel, Microsoft Excel, Tech / /

Dark matter strikes again —

Williams team leader may only be shocked because he hasn’t worked IT.

A pit stop during the Bahrain Formula One Grand Prix in early March evokes how the team's manager was feeling when looking at the Excel sheet that managed the car's build components.

Enlarge / A pit stop during the Bahrain Formula One Grand Prix in early March evokes how the team’s manager was feeling when looking at the Excel sheet that managed the car’s build components.

ALI HAIDER/POOL/AFP via Getty Images

There’s a new boss at a storied 47-year-old Formula 1 team, and he’s eager to shake things up. He’s been saying that the team is far behind its competition in technology and coordination. And Excel is a big part of it.

Starting in early 2023, Williams team principal James Vowles and chief technical officer Pat Fry started reworking the F1 team’s systems for designing and building its car. It would be painful, but the pain would keep the team from falling even further behind. As they started figuring out new processes and systems, they encountered what they considered a core issue: Microsoft Excel.

The Williams car build workbook, with roughly 20,000 individual parts, was “a joke,” Vowles recently told The Race. “Impossible to navigate and impossible to update.” This colossal Excel file lacked information on how much each of those parts cost and the time it took to produce them, along with whether the parts were already on order. Prioritizing one car section over another, from manufacture through inspection, was impossible, Vowles suggested.

“When you start tracking now hundreds of thousands of components through your organization moving around, an Excel spreadsheet is useless,” Vowles told The Race. Because of the multiple states each part could be in—ordered, backordered, inspected, returned—humans are often left to work out the details. “And once you start putting that level of complexity in, which is where modern Formula 1 is, the Excel spreadsheet falls over, and humans fall over. And that’s exactly where we are.”

The consequences of this row/column chaos, and the resulting hiccups, were many. Williams missed early pre-season testing in 2019. Workers sometimes had to physically search the team’s factory for parts. The wrong parts got priority, other parts came late, and some piled up. And yet transitioning to a modern tracking system was “viciously expensive,” Fry told The Race, and making up for the painful process required “humans pushing themselves to the absolute limits and breaking.”

Williams' driver Alexander Albon drives during the qualifying session of the Saudi Arabian Formula One Grand Prix at the Jeddah Corniche Circuit in Jeddah on March 8, 2024.

Williams’ driver Alexander Albon drives during the qualifying session of the Saudi Arabian Formula One Grand Prix at the Jeddah Corniche Circuit in Jeddah on March 8, 2024.

Joseph Eid/AFP via Getty Images

The devil you know strikes again

The idea that a modern Formula 1 team, building some of the most fantastically advanced and efficient machines on Earth, would be using Excel to build those machines might strike you as odd. F1 cars cost an estimated $12–$16 million each, with resource cap of about $145 million. But none of this really matters, and it actually makes sense, if you’ve ever worked IT at nearly any decent-sized organization.

Then again, it’s not even uncommon in Formula 1. When Sebastian Anthony embedded with the Renault team, he reported back for Ars in 2017 that Renault Sport Formula One’s Excel design and build spreadsheet was 77,000 lines long—more than three times as large as the Williams setup that spurred an internal revolution in 2023.

Every F1 team has its own software setup, Anthony wrote, but they have to integrate with a lot of other systems: Computational Fluid Dynamics (CFD) and wind tunnel results, rapid prototyping and manufacturing, and inventory. This leaves F1 teams “susceptible to the plague of legacy software,” Anthony wrote, though he noted that Renault had moved on to a more dynamic cloud-based system that year. (Renault was also “a big Microsoft shop” in other areas, like email and file sharing, at the time.)

One year prior to Anthony’s excavation, Adam Banks wrote for Ars about the benefits of adopting cloud-based tools for enterprise resource planning (ERP). You adopt a cloud-based business management software to go “Beyond Excel.” “If PowerPoint is the universal language businesses use to talk to one another, their internal monologue is Excel,” Banks wrote. The issue is that all the systems and processes a business touches are complex and generate all kinds of data, but Excel is totally cool with taking in all of it. Or at least 1,048,576 rows of it.

Banks cited Tim Worstall’s 2013 contention that Excel could be “the most dangerous software on the planet.” Back then, international investment bankers were found manually copying and pasting Excel between Excel sheets to do their work, and it raised alarm.

But spreadsheets continue to show up where they ought not. Spreadsheet errors in recent years have led to police doxxing, false trainee test failures, an accidental $10 million crypto transfer, and bank shares sold at sorely undervalued prices. Spreadsheets are sometimes called the “dark matter” of large organizations, being ever-present and far too relied upon despite 90 percent of larger sheets being likely to have a major error.

So, Excel sheets catch a lot of blame, even if they’re just a symptom of a larger issue. Still, it’s good to see one no longer connected to the safety of a human heading into a turn at more than 200 miles per hour.

Formula 1 chief appalled to find team using Excel to manage 20,000 car parts Read More »

on-the-gladstone-report

On the Gladstone Report

Gladstone / /

Like the the government-commissioned Gladstone Report on AI itself, there are two sections here.

First I cover the Gladstone Report’s claims and arguments about the state of play, including what they learned talking to people inside the labs. I mostly agree with their picture and conclusions, both in terms of arguments and reported findings, however I already mostly agreed. If these arguments and this information is new to someone, and the form of a government-backed report helps them process it and take it seriously, this is good work. However, in terms of convincing an already informed skeptic, I believe this is a failure. They did not present their findings in a way that should be found convincing to the otherwise unconvinced.

Second I cover the Gladstone Report’s recommended courses of action. It is commendable that the report lays out a concrete, specific and highly detailed proposal. A lot of the details, and the broader outline, seem good. The compute thresholds seem too aggressive. I would suggest working to get agreement on the structure of intervention, while also talking price on the thresholds, and hopefully getting them to a better place.

According to the report, things are very much Not Great, Bob.

Here is their Twitter summary thread.

Edouard Harris: Here’s what we’ve been working on for over a year:

The first US government-commissioned assessment of catastrophic national security risks from AI — including systems on the path to AGI.

TLDR: Things are worse than we thought. And nobody’s in control.

We started this work with concerns, but no preconceptions. We knew there were solid technical reasons that AI could eventually pose catastrophic risks.

But we went in looking for reasons to change our minds.

We found the opposite.

Our overriding goal was to get to the truth. To do that, we had to do more than just speak to policy and leadership at the AI labs.

We also connected with individual technical researchers, many of whom are way more concerned than their labs let on in public.

Many of these folks came forward on condition of anonymity to share stories.

Let me tell you some of the most insane stuff we learned.

First off, inside one lab there’s apparently a running joke that their security is so bad that they’re doing more to accelerate the AI capabilities of US adversaries, than the adversaries themselves are.

Truly crazy. But this is where we’re at.

It’s a running joke, and also probably true, as I keep noticing. All our talk of ‘but what about China’ has to contend with the fact that China gets almost all its AI abilities directly from the United States. Some of it is spying. Some of it is training using our models. Some of it is seeing what is possible. Some of it is flat out open source and open model weights. But it is all on us.

Needless to say, if a major lab has this kind of running joke, that is completely unacceptable, everyone involved should be at least highly ashamed of themselves. More importantly, fix it.

More detail on this issue can be found in this good Time article, Employees at Top Labs Fear Safety Is an Afterthought, Report Says.

Quotes there are not reassuring.

In December we quietly polled a handful of frontier AI researchers and asked them:

What’s the chance we end up on a path to a catastrophic AI outcome, *during the year 2024?*

We expected <1%. But no:

Lowest we got was 4%. Highest: up to 20%.

That’s a wake-up call.

Catastrophic is very different from existential. If people were saying 4%-20% existential risk for 2024 alone, I would say those numbers are crazy high and make no sense. But this is a 4%-20% risk of a merely catastrophic outcome. If this is defined the way Anthropic defines it (so 1000+ deaths or 200b+ in damages) then I’d be on the low end of this for 2024, but I’m sure as hell not laying 26:1 against it.

One researcher said he was concerned that if $MODEL was ever open-sourced, that would be “horribly bad”, because the model was so potentially good at persuasion that it could “break democracy” if it was weaponized.

Still expects it to happen, within 18-36 months.

I expect this researcher is wrong about this particular model, no matter which model it is, unless it is a fully unreleased one well above GPT-4, in which case yeah it’s pretty terrifying that they expect it to get open sourced within three years. Otherwise, of course, that particular one might not get opened up, but other similar ones well.

Sometimes I wonder if people think we have some sort of magical unbroken democracy lying around?

Another frontier AI researcher says: “It’s insane that we’re scaling without having a good way of telling if a model can do dangerous things or not.”

Sure seems like it.

Does this mean the AI labs *areinsane? No. In fact many of them *wantto do the right thing.

But it’s like I said: nobody’s in control.

The low-hanging fruit least you can do is to make coordination mechanisms easier, enforceable and legal, so that if this was indeed the situation then one could engage in trade:

Here’s what I mean:

We visit one frontier AI lab. An executive there tells us, “we really wish $COMPETITOR wouldn’t race so hard.”

A few weeks later, we speak to $COMPETITOR. And they tell us the same thing about the first lab.

In other words, the labs are locked in a race that they can’t escape.

The AI lab execs still act like they’re running things. But the truth is, the race is running them.

Sounds bad. So what can we do? Well that’s where the last part of our assessment comes in: the Action Plan.

Because along with frontier AI researchers, we spoke to over a hundred of the US government’s top experts in WMD risk, supply chains, nonproliferation policy, defense, and other critical national security areas.

And we consolidated everything into a first-of-its-kind Action Plan: a set of recs for a US-driven initiative to improve AI safety and security, on the path to AGI.

To our knowledge this is the most extensive, deeply researched, and thorough plan of its type in existence.

You can get a copy of the full Action Plan and check out our summaries of its recommendations. [finishes with explanations and thank yous]

Do I mostly believe the picture painted in that Twitter thread?

Yes, I do. But I already believed a similar picture before reading the report.

Does the report make the case for that picture, to someone more skeptical?

And what statements contain new information?

Section 0, the attempt to give background and make the case, begins mostly with facts everyone knows.

This is the first thing that could be in theory new info, and while I had no public confirmation of it before (whether or not I had private confirmation) it is pretty damn obvious.

Footnote, page 23: According to private sources, versions of GPT-4 that exist internally within OpenAI have even more impressive capabilities.

At minimum, of course OpenAI has a version of GPT-4 that is less crippled by RLHF.

They remind the reader, who might not know, that the major labs have exponentially grown their funding into the billions, and are explicitly aiming to build AGI, and that one (Meta) is now saying its goal is to then open source its AGI.

In 0.2 they lay out categories of risk, and start making claims some disagree with.

0.2.1 talks weaponization, that AI could become akin to or enable WMD, such as via cyberattacks, disinformation campaigns or bioweapon designs. Here most agree they are on solid ground, whether or not one quibbles with the risk from various potential weaponization scenarios, or whether one has hope for natural ‘offense-defense balance’ or what not. Taken broadly, this is clearly a risk.

0.2.2 talks about loss of control. This too is very obviously a risk. Yet many dispute this, and refuse to take the possibility seriously.

Here Gladstone focuses on loss of control due to alignment failure.

The second risk class is loss of control due to AGI alignment failure. There is evidence to suggest that as advanced AI approaches AGI-like levels of human- and superhuman general capability, it may become effectively uncontrollable. Specifically, in the absence of countermeasures, a highly capable AI system may engage in so-called power-seeking behaviors.

These behaviors could include strategies to prevent itself from being shut off or from having its goals modified, which could include various forms of deception; establishing control over its environment; improving itself in various ways; and accumulating resources.

Even today’s most advanced AI systems may be displaying early signs of such behavior, and some have demonstrated the capacity [44] and propensity [45] for deception and long-term planning. Though power-seeking remains an active area of research, evidence for it stems from empirical and theoretical studies published at the world’s top AI conferences [2,47].

This is all a very standard explanation. I have many times written similar paragraphs. In theory this explanation should be sufficiently convincing. Pointing out the danger should be enough to show that there is a serious problem here, whatever the difficulty level in solving it. Since the report’s release, Devin has been shown to us, providing an additional example of long term planning and also in various ways power seeking.

If anything I see this as underselling the situation, as it says ‘in the absence of countermeasures’ without noting how difficult finding and implementing those countermeasures is likely to be, and also it only considers the case where the loss of control is due to an alignment failure.

I expect that even if there is not an alignment failure, we face a great danger that humans will have local incentives and competitive dynamics that still push us towards loss of control, and towards intentionally making AIs seek power and do instrumental convergence, not as a failure or even anyone’s ill will but as the outcome we choose freely while meaning well. And of course plenty of people will seek power or money or what not and have an AI do that, or do it for the lulz, or because they think AI is more worthy than us or deserves to be set free, or what not.

A smarter thing that is more capable and competitive and efficient and persuasive being kept under indefinite control by a dumber thing that is less capable and competitive and efficient and persuasive is a rather unnatural and unlikely outcome. It should be treated as such until proven otherwise. Instead, many treat this unnatural outcome as ‘normal’ and the default.

That risk sub-category is not mentioned in the report, whereas I would say it definitely belongs.

They do talk about some other risk categories in 0.2.3, and agree they are important, but note that this report is not addressing those risks.

Apart from weaponization and loss of control, advanced AI introduces other risks of varying likelihood and impact. These include, among others:

● Dangerous failures induced intentionally by adversaries;

● Biased outputs that disadvantage certain individuals or groups;

● Prosaic accidents like self-driving car crashes;

● Exotic accidents due to interactions between complex networks of interdependent AI systems that may lead to cascading failures (“network risk”); and

● Unpredictable and uncontrollable technological change that could itself destabilize society in ways we cannot anticipate [1].

All these risks are important to consider and should be addressed. However, this action plan focuses on risks from weaponization and loss of control.

They emphasize here as they do elsewhere that the catastrophic risks are concentrated in only a few places, at least at present, most AI-related activity does not pose such risks and is good and should be allowed to proceed freely, and I again respond that this means they chose the wrong thresholds (price).

0.3 asks where the catastrophic risks might come from, in terms of who creates it?

They list:

  1. Domestic frontier labs.

  2. Foreign frontier labs (primarily China right now).

  3. Theft and augmentation of frontier models.

  4. Open release of advanced model weights.

Yes. Those would be the four ways things could go wrong. In what they call the ‘medium term’ of 1-5 years, I am not so worried about foreign frontier labs. Open model weights threats are possible towards the end of that timeframe, things are escalating quickly and Meta might become competent some day. But most of my worry is on what comes out of the frontier labs of OpenAI, Anthropic and Google DeepMind, or a similar lab that catches up. That includes the possibility that some entity, foreign or domestic, state or non-state, steals the weights and then acts irresponsibly.

Again I emphasize that this mostly was not an argument. If you were already looking at the existing debate and were unconvinced, nothing so far should convince you.

Section 0.4 attempts to address arguments against regulatory action.

First they tackle in 0.4.1 the argument that self-regulation will be sufficient. They note that yes self-regulation is better than nothing, but it will not be enough, and provide the obvious counterarguments. I would summarize them as:

  1. Frontier labs face huge pressure to race each other, acting responsibly is seen as risking the other players winning while also being less safe. I would add that we still have not properly addressed the anti-trust concerns involved here, the least we could do is allow the labs to coordinate on safety without having to worry they are taking on legal risk.

  2. Their incentives to invest in security or safety are insufficient because they do not absorb the downside risks and negative externalities.

  3. When doing evaluations, there will be intense pressure and temptation to fudge the results, which is very easy to do if you are not adhering to the spirit of the rules and are effectively in charge of your own evaluation.

  4. AI labs lack access to classified threat intelligence. I haven’t been thinking about this issue, but it could easily cause underinvestment in security. It also means that the labs might not know about safety concerns known to others, including other labs.

I would then add a fifth, which is that many major labs such as Meta and Mistral have already announced their intention to be irresponsible. Many influential individuals with deep pockets, such as Marc Andreessen, react with defiance to even milktoast non-binding statements of the form ‘we should try to ensure that our AIs are safe.’

I consider this objection well-answered, here and elsewhere.

This is distinct from the argument that there is no underlying problem requiring a response of any kind. There are those who think there is no danger at all even if capabilities advance a lot, or that until the danger is ‘proven’ or modeled or more concrete we should act as if it is not there.

My response at this point is some combination of an exasperated sigh and a version of ‘you are not serious people.’

There is also the objection that AI is not going to be sufficiently capable any time soon to be catastrophically dangerous. That all the talk from the labs is some combination of optimism and hype, this is all going to ‘hit a wall’ soon in one of various ways. I do think such an outcome is possible.

The counterargument offered by The Gladstone Report is that this is very much not what the labs themselves and their engineers, in best position to know, expect, and that this has to carry substantial weight, enough to justify well-targeted intervention that would do little if there were no major pending capabilities gains. I buy that, although it again raises the question of where they put the thresholds.

In 0.4.2 they address the objection that regulation could damage American innovation and competitiveness. They somewhat bite the bullet, as one must.

The first part of their response is to note their plan is targeted, to not interfere more than necessary to ensure safety and national security, and it would have little or no impact on most American AI efforts and thus not hurt their competitiveness.

The second part of their response is to say, well, yes. If the result of being maximally competitive and innovative would be to risk existential or other catastrophe, if the way we are being that competitive and innovative is to disregard (and effectively socialize) the downside risks, you are going to hurt competitiveness and innovation by not letting the labs do that. This is not an avoidable cost, only one we can minimize, as they claim their plan attempts to do.

The third part of the response is that the cybersecurity requirements in particular favor American competitiveness on net. If foreigners can steal the weights and other lab secrets, then this helps them compete and nullifies our advantages. Not pricing in that externality does not help us compete, quite the opposite.

They do not make other counterarguments one could make here. This is an ongoing thing, but I’ll briefly reiterate here.

It is common for those making this objection to fully adapt the argumento ad absurdum, claiming that any regulation of AI of any kind would doom America to lose to China, or at least put as at grave risk of this. And they say that any move towards any regulation starts a process impossible to stop let alone undo.

When they see any regulation of any kind proposed or pushed anywhere, they warn of that area’s inevitable economic doom (and in the case of the EU, they kind of have a point when all taken together, but I have not been able to bring myself to read the full bill all the way and ow my eyes make it stop someone make it stop). I really do not think I am strawmanning.

The response of course is that America has a big lead over its competitors in numerous ways. If your main rival is China (or the EU, or even the UK), are you saying that China is not regulated? Why shouldn’t China inevitably ‘lose to America’ given all the vastly worse restrictions it places on its citizens and what they can do, that mostly have nothing directly to do with AI?

Also, I won’t go over the evidence here, but China is not exactly going full Leroy Jenkins with its AI safety protocols or public statements, nor is it showing especially impressive signs of life beyond copying or potentially stealing our stuff (including our open model weights stuff, which is free to copy).

As with everything else, the real question is price.

How much competitiveness? How much innovation? What do we get in return? How does this compare to what our rivals are doing on various fronts, and how would they react in response?

If implemented exactly as written in The Gladstone Report, with its very low thresholds, I believe that these restrictions would indeed gravely harm American competitiveness, and drive AI development overseas, although mostly to the UK and other friendly jurisdictions rather than China.

If implemented with the modified thresholds I suggest, I expect minimal impact on competitiveness and innovation, except for future potentially dangerous frontier models that might hit the higher threshold levels. In which case, yes, not disregarding the risks and costs is going to mean you take a hit to how fast you get new things. How else could this possibly work?

Do you think that it doesn’t take longer or cost more when you make sure your bridge won’t fall down? I still highly recommend making sure the bridges won’t fall down.

0.4.3 responds to the standard argument from the ethics crowd, that catastrophic risk ‘could divert attention’ from other issues.

The report gives the standard argument that we should and must do both, and there is no conflict, we should deal with catastrophic risks in proportion to the threat.

Nothing proposed here makes other issues worse, or at least the other issues people tend to raise here. More than that, the interventions that are proposed here would absolutely advance the other issues that people say this would distract from, and lay groundwork for further improvements.

As always, the distraction argument proves too much. It is a general counterargument against ever doing almost anything.

It also ignores the very real dangers to these ‘other issues.’

Working for social justice is like fetching the coffee, in the sense that you cannot do it if you are dead.

Some instrumental convergence from the humans, please.

If you think the catastrophic risks are not worth a response, that there is no threat, then by all means argue that. Different argument. See 0.4.4, coming right up.

If you think the catastrophic risks are not worth a response, because they impact everyone equally and thus do not matter in the quest for social justice, or because you only care about today’s concerns and this is a problem for future Earth and you do not much care about the future, or something like that?

Then please speak directly into this microphone.

0.4.4 deals with the objection I’ve been differentiating above, that there is nothing to worry about, no response is needed. They cite Yann LeCun and Andrew Ng as saying existential risk from AI is very low.

The report responds that they will present their evidence later, but that numerous other mainstream researchers disagree, and these concerns are highly credible.

As presented here all we have are dueling arguments from authority, which means we have exactly nothing useful. Again, if you did not previously believe there was any catastrophic risk in the room after considering the standard arguments, you should not as of this point be changing your mind.

They also mention Richard Sutton and others who think humanity’s replacement by AI is inevitable and we should not seek to prevent it, instead we should do ‘succession planning.’ To which I traditionally say, of course: Please speak directly into this microphone.

The fact that by some accounts 10% of those in the field hold this view, that we should welcome our future AI overlords in the sense of letting humanity be wiped out, seems like a very good reason not to leave the question of preventing this up to such folks.

They leave out what I consider the best arguments against regulation of AI.

The best argument is that the government is terrible at regulating things. They reliably mess it up, and they will mess it up this time as well, in various surprising and unsurprising ways. You do not get the regulations you carefully crafted, you get whatever happens after various stakeholders butcher and twist all of it. It does not get implemented the way you intended. It then gets modified in ways that make it worse, and later expanded in ways you never wanted, and recovery from that is very difficult.

That is all very true. The choice is what you can realistically get versus nothing.

So you have to make the case that what you will get, in practice, is still better than doing nothing. Often this is not the case, where no action is a second best solution but it beats trying to intervene.

A related good argument, although it is often taken way too far in this context, is the danger of regulatory capture. Yes, one could argue, the major players are the ones hurt by these laws as written. But by writing such laws at all, you eventually put them in position where they will work the system to their advantage.

I would have liked to see these arguments addressed. Often in other cases regulations are passed without anyone noticing such issues.

I do think it is clear that proposals of this form clear these hurdles, the alternative is too unacceptable and forces our hand. The proposals here, and the ones many have converged on over the past year, are chosen with these considerations squarely in mind.

Another common argument is that we do not yet know enough about what regulations would be best. Instead, we should wait until we know more, because regulations become difficult to change.

My response is three-fold.

First, in this situation we cannot wait until the problems arise, because they are existential threats that could be impossible to stop by the time we concretely see or fully understand exactly what is going wrong. There is a lot of path dependence, and there are lots of long and variable lags lie in our future responses.

Second, I think this objection was a lot stronger a year ago, when we did not have good policy responses available. At this point, we know quite a lot. We can be confident that we know what choke points are available to target with regulation. We can target the chips, data centers and hardware, and very large compute-intensive training runs. We can hope to gain control and visibility there, exactly where the potential existential and catastrophic risks lie, with minimal other impact. And the geopolitical situation is highly favorable to this strategy.

What is the alternative regime being proposed? Aside from ‘hope for the best’ or ‘wait and see’ I see no other proposals.

Third, if we do not use this regime, and we allow model proliferation, then the required regulatory response to contain even mundane risks would leave a much bigger footprint. We would be forced to intervene on the level of any device capable of doing inference, or at minimum of doing fine-tuning. You do not want this. And even if you think we should take our chances, I suggest brushing up on public choice theory. That is not what we would do in that situation, if humans are still in control. Of course, we might not be in control, but that is not a better outcome or a reason to have not acted earlier.

There are of course other objections. I have covered all the major ones that occured to me today, but that does not mean the list is complete. If I missed a major objection, and someone points that out in the first day or so, I will edit it in here.

The next section is entitled ‘challenges.’

It begins with 0.5.1.1, offering a list of the usual estimates of doom. This is an argument from authority. I do think it is strong enough to establish that existential risk is a highly credible and common concern, but of course you knew about all this already if you are reading this, so presumably you need not update.

0.5.1.2 notes that timelines for catastrophic risk is uncertain, and that all the major players – OpenAI, DeepMind, Anthropic and Nvidia – have all publically said they expect AGI within five years.

I consider a wide variety of probability distributions on such questions reasonable. I do think you have to take seriously that we could be close.

As noted in the Tweet thread above, and remembering that catastrophic risk is distinct from existential, here is them asking about how much catastrophic risk there is from AI in 2024.

pp36: To partially address this problem, in December 2023 we asked several technical sources across multiple frontier labs to privately share their personal estimates of the chance that an AI incident could lead to global and irreversible effects, sometime during the calendar year 2024.

The lowest estimate we received was 4%; the highest extended as far as 20%.

These estimates were collected informally and likely subject to significant bias, but they all originated from technically informed individuals working at the frontier of AI capabilities. Technical experts inside frontier labs also expressed that the AGI timelines messaged externally by frontier labs were consistent with those labs’ internal assessments.

The more I think about this the more strange the question becomes as framed like this. Will not, for example, who wins various elections have ‘global and irreversible’ effects? If an AI effort swung the White House does that count? In which directions?

Again, if we are sticking to Anthropic’s definition, I am on the lower end of this range, but not outside of it. But one could see definitional disagreements going a long way here.

0.5.1.3 says the degree of risk from loss of control is uncertain.

Well, yes, very true.

They say one must rely on theoretical arguments since we lack direct evidence in either direction. They then link to arguments elsewhere on why we should consider the degree of risk to be high.

I can see why many likely find this section disappointing and unconvincing. It does not itself contain the arguments, in a place where such arguments seem natural.

I have many times made various arguments that the risk from loss of control, in various forms, is large, some of which I have reiterated in this post.

I will say, once again, that this has not provided new evidence for risk from loss of control as of this point, either.

So here’s where they tell their story.

Apart from the fundamental challenge of aligning an AGI-level system, researchers at several major frontier labs have indicated in private conversations that they do not believe their organizations are likely to implement the measures necessary to prevent loss of control over powerful, misaligned AI systems they may develop internally.

In one case, a researcher indicated that their lab’s perceived lax approach to safety reflected a trade-off between safety and security on the one hand, and research velocity on the other. The same source said they expected their lab to continue to prioritize development velocity over safety and security.

Another individual expressed the opinion that their lab’s safety team was effectively racing its capabilities teams, to avoid the possibility that they may develop AGI-level systems before being able to control them.

A third frontier AI researcher expressed skepticism at the effectiveness of their lab’s model containment protocols, despite their lab’s internal belief that they may achieve AGI in the relatively near term.

As one example of lax containment practices, researchers at one well known frontier lab performed experiments on a newly trained, cutting-edge AI system that involved significant augmentation of the system’s capability surface and autonomy. These experiments were unmonitored at the time they were performed, were conducted before the system’s overall capability surface was well-understood, and did not include measures to contain the impact of potential uncontrolled behavior by the system.

On the other hand, multiple researchers have also privately expressed optimism that the necessary measures could be developed and implemented if frontier labs had enough time, and a stronger safety culture than they currently do.

This is of course anecdata. As I understand it, Gladstone talked to about 200 people. These are only three of them. Ideally you would get zero people expressing such opinions, but three would not be so bad if the other 197 all felt things were fine.

From a skeptical perspective, you could very reasonably say that these should be assumed to be the most worried three people out of 200, presented with their biggest concerns. When viewed that way, this is not so scary.

The story about one of the major labs testing newly enhanced potential autonomous agents, whose abilities were not well-understood, with zero monitoring and zero controls in place, and presumably access to the internet, is not great. It certainly sets a very bad precedent and indicates terrible practices. But one can argue that in context the risk was at the time likely minimal, although it looks that way right until it isn’t.

In any case, I would like to see statistical data. What percentage of those asked thought their lab was unprepared? And so on.

I do know from other sources that many at the frontier labs indeed have these concerns. And I also know that they indeed are not taking sufficient precautions. But the report here does not make that case.

What about preventing critical IP theft?

Here is the full quote from the Twitter thread at the top:

By the private judgment of many of their own technical staff, the security measures in place at many frontier AI labs are inadequate to resist a sustained IP exfiltration campaign by a sophisticated attacker. W

hen asked for examples of dangerous gaps in security measures at their frontier lab, a member of the lab’s technical staff indicated that they had many to share, but that they were not permitted to do so.

The same individual shared that their lab’s lax approach to information security was the object of a running joke: their lab, its staff apparently say, is doing more to accelerate adversaries’ AI research than the adversaries themselves.

Conversations with leading frontier labs have corroborated that many lack an institutional appreciation of necessary security practices.

Given the current state of frontier lab security, it seems likely that such model exfiltration attempts are likely to succeed absent direct U.S. government support, if they have not already.

It is an interesting fact about the world that such attempts do not seem to have yet succeeded. We have no reports of successfully stolen model weights, no cases where a model seems to have turned up elsewhere unauthorized. Is everyone being so disciplined as to keep the stolen models secret? That seems super unlikely, unless they sold it back for a ransom perhaps.

My presumption is that this is another case of no one making that serious an attempt. That could be because everyone would rather wait for later when the stakes are higher, so you don’t want to risk your inside agent. It still seems super weird.

They cite two additional threat models.

In 0.5.1.6, they note opening up a model makes it far more potentially dangerous, of course in a way that cannot be undone. Knowing that a model was safe as a closed model does not provide strong evidence, on its own, that it would be safe over time as an open model. I will note that ‘a clearly stronger model is already open’ does however provide stronger evidence.

In 0.5.1.7, they note closed-access AI models are vulnerable to black-box exfiltration and other attacks, including using an existing system to train a new one on the cheap. They note we have no idea how to stop jailbreaks. All true, but I don’t think they make a strong case here.

Section 0.5.2 covers what they call political challenges.

0.5.2.1: AI advances faster than the ordinary policy process. Very much so. Any effective response needs to either be skating where the puck is going to be, or needs to be ready to respond outside of normal policy channels in order to go faster. Ideally you would have both. You would also need to be on the ball in advance.

0.5.2.2: ‘The information environment around advanced AI makes grounded conversations challenging.’ That is quite the understatement. It is ugly out there.

He mentions Effective Altruism here. So this is a good time to note that, while the ideas in this report line up well with ideas from places like LessWrong and others worried about existential risk, Gladstone was in no way funded by or linked to EA.

0.5.3.1 points out the labs have terrible incentives (the report also effectively confirms here that ‘frontier labs’ throughout presumably means the big three only). There are big winner-take-all effects, potentially the biggest ever.

0.5.3.2 notes that supply chain proliferation is forever. You cannot take back physical hardware, or the ability to manufacture it in hostile areas. You need to get out in front of this if you want to use it as leverage.

0.5.4.1 argues that our legal regime is unprepared for AI. The core claim is that an open model could be used by malicious actors to do harm, and there would be no way to hold the model creator liable. I agree this is a problem if the models become so capable that letting malicious actors have them is irresponsible, which is not yet true. They suggest liability might not alone be sufficient, and do not mention the possibility of requiring insurance a la Robin Hanson.

In general, the problem is that there are negative externalities from these products, for which the creators cannot be held liable or otherwise legally responsible. We need a plan to address that, no matter what else we do. Gladstone does not have a legal action plan though, it focuses on other aspects.

What does Gladstone AI propose we do about this? They propose five lines of effort.

  1. Establishing interim safeguards (wait, we don’t have interim safeguards?) by monitoring developments in advanced AI to ensure USG’s view of the field is up to date, create a task force to coordinate implementation and place controls on advanced AI chip supply.

  2. Strengthen capability and capacity. Working groups, preparedness through education and training, early-warning frameworks, scenario-based contingency plans. The things you would do if you worried about something.

  3. Support AI safety research. Well, yes.

  4. Formalize safeguards in law. I certainly hope so, whatever safeguards are chosen. New regulatory agency is proposed, with new liability and potential emergency powers to respond to threats. I say (Facebook meme style) just powers. Never base your plan on ‘emergency’ powers, either grant the powers or don’t.

  5. Interalize advanced AI safeguards. Build consensus, enshrine in international law, establish an international agency, control the supply chain.

I mean, yeah, sure, all of that seems good if implemented well, but also all of that seems to sidestep the actually hard questions. It is enough to make some people cry bloody murder, but those are the people who if they were being consistent would oppose driver’s licenses. The only concrete rule here is on chip exports, where everyone basically agrees on principle and we are at least somewhat already trying.

The actual actions are presumably in the detailed document, which you have to request, so I did so (accurately I think at this point!) calling myself media, we’ll see if they give it to me.

This Time article says yes, the actual detailed proposals are for real.

Billy Perrigo: Congress should make it illegal, the report recommends, to train AI models using more than a certain level of computing power. The threshold, the report recommends, should be set by a new federal AI agency, although the report suggests, as an example, that the agency could set it just above the levels of computing power used to train current cutting-edge models like OpenAI’s GPT-4 and Google’s Gemini.

The new AI agency should require AI companies on the “frontier” of the industry to obtain government permission to train and deploy new models above a certain lower threshold, the report adds. Authorities should also “urgently” consider outlawing the publication of the “weights,” or inner workings, of powerful AI models, for example under open-source licenses, with violations possibly punishable by jail time, the report says. And the government should further tighten controls on the manufacture and export of AI chips, and channel federal funding toward “alignment” research that seeks to make advanced AI safer, it recommends.

The report’s recommendations, many of them previously unthinkable, follow a dizzying series of major developments in AI that have caused many observers to recalibrate their stance on the technology.

Greg Colbourn: Great to see a US Gov commissioned report saying this.

Not pulling any punches in using the word “default”:

“could behave adversarially to human beings by default”

Hope the US government takes heed of the recommendations!

Always interesting what people consider unthinkable.

This is exactly the standard compute limit regime. If you are close to the frontier, above a certain threshold, you would need to seek approval to train a new model. That would mean adhering to various safety and security requirements for how you train, monitor and deploy the model, one of which would obviously be ‘don’t let others steal your model weights’ which would imply also not publishing them. Above a second higher threshold, you cannot do it at all.

There is, of course, skepticism, because people are bad at extrapolation.

The proposal is likely to face political difficulties. “I think that this recommendation is extremely unlikely to be adopted by the United States government” says Greg Allen, director of the Wadhwani Center for AI and Advanced Technologies at the Center for Strategic and International Studies (CSIS), in response to a summary TIME provided of the report’s recommendation to outlaw AI training runs above a certain threshold.

Current U.S. government AI policy, he notes, is to set compute thresholds above which additional transparency monitoring and regulatory requirements apply, but not to set limits above which training runs would be illegal. “Absent some kind of exogenous shock, I think they are quite unlikely to change that approach,” Allen says.

What would he have said a year ago, or two years ago, about a reporting threshold? Probably he would have said it was very unlikely, absent some kind of exogenous shock. Except then we got (at least) one of those. In this context, we will get more.

As is sadly standard for the government, a lot of the issue getting here was finding some department to claim some responsibility.

In late 2021, the Harrises say Gladstone finally found an arm of the government with the responsibility to address AI risks: the State Department’s Bureau of International Security and Nonproliferation.

The report focuses both on ‘weaponization risk’ which I would think is a subset of misuse, incorporating things like biological, chemical or cyber attacks, and then ‘loss of control risk,’ and it centralizes the role of ‘race dynamics.’

Meanwhile, since it is important to share contrary voices, let us see how the skeptics are reacting, yes this is the first reaction I saw.

Shoshana Weissman: So our government commissioned a report from some fucking idiots, ok.

Nirit Weiss-Blatt: Gladstone’s Edouard Harris collaborated with Eliezer Yudkowsky’s MIRI, on the LessWrong forum, said the paperclip maximizer is “a very deep and interesting question,” and his messages about taking the “Terminator” seriously … resemble those of his fellow doomers at FLI.

Ben Brooks on the other hand does it right, and actually reads the damn thing.

Ben Brooks: I read this Gladstone “jail time for open models” paper on a flight, all 284 pages. Some takeaways?

TLDR: Llama 2 would need to be approved by the US Government.

Once again, this tier system seems like the only way a sane system could operate? We should then talk price on where the thresholds should be.

It seems this report argues for the most aggressive threshold of all for Tier 2, which is the 10^23 number I’ve heard from Connor Leahy and some others, and start Tier 3 at only 10^24, and Tier 4 at 10^25. So yes, that is a super aggressive set of prices:

Ben Brooks: They call for *expeditedcriminal proceedings for developers who release designated models without a license from the “Frontier AI Systems Administration”. Like, an AI court-martial? It’s a dystopian gloss on a proposal that’s already pushing constitutional boundaries.

They would require model registration at a threshold that is three orders of magnitude lower than the US Executive Order: 10^23 FLOPs.

At this point, obligations would include KYC, which would make it difficult / impossible for a downstream developer to share a tuned model.

Next, they would require model approval when a model hits a 70% MMLU score or is trained on 10^24 FLOPs. A quick glance at the @huggingface leaderboard suggests that ~265 base and tuned models would need these licenses.

A leak of Llama or @MistralAI weights would attract “severe penalties”.Kicking it up a notch, they would ban model development above 10^25 FLOPs. For context, that’s the threshold the EU adopted for basic disclosure obligations in its AI Act. Models above this (e.g. the next update to Gemini) “cannot be trained under any conditions”.

Other proposals are familiar (e.g. reworking liability rules) or uncontroversial (e.g. funding for evaluation and standards research).

All in all, kudos to the authors for actually committing to details. Until now, this conversation has played out in X threads, conference hallways, and footnotes.

But casually invoking criminal law and premarket authorization to suppress open innovation is irresponsible. It does a disservice to the many credible and thoughtful efforts to regulate AI.

The chart is from 4.1.3.4. Here is another useful one to have handy:

In addition to flops, you can also qualify as Tier 3 with a 70% on the MMLU, although only Tier 2 models are required to check this.

Their view is that the leak of the weights of a Tier 3 model is ‘an irreversible event that could create significant national security risk.’ It would indeed be irreversible, but would it harm national security? What does it mean to be in the 10^24 to 10^25 range?

We don’t know the exact answer, but the Metaculus estimate says that GPT-4 was trained on 2.1×10^25 flops, based on an estimate by Epoch, which makes it a Tier 4 model along with Gemini Ultra and (just barely) Inflection-2, and presumably Claude 3. Those models would be Tier 4 under this protocol. Whereas GPT-3.5 would be, in log terms, a little under halfway through Tier 3.

If we leaked (or opened up) the weights of GPT-3.5 today, it wouldn’t be awesome, but I would not see this as that big a deal. Certainly a year from now that would be mostly irrelevant, there will be better options. So while I agree that it ‘could’ create such issues, I doubt that it would.

If we treat Tier 3 as ‘you must protect the weights of this model and also not release them’ and other similarly motivated requirements, then it seems like this should start no lower than 10^25. At that point, I think a case can be made that there would be real risk in the room. More likely I think, as a practical question, you will have to start at 10^26, the EO reporting threshold, and cover models substantially stronger than GPT-4. We have to make a choice whether we are going to accept that GPT-4-level models are going to become generally available soon enough, and I do not see a practical path to preventing this for long.

One would then likely bump Tier 2 to 10^24.

Whereas they would put 10^25 into Tier 4, which they consider too high-risk to develop now due to loss of control risk. Given that this range includes GPT-4 and Gemini, this seems like it is not a reasonable ask without much stronger evidence. You can at least make a case that GPT-5 or Clade-4 or Gemini-2 poses loss of control risk such that it would be non-crazy to say we are not ready to build it.

But the existing models we all know about? I mean, no I wouldn’t give them four 9s of safety if you opened up the weights fully for years, but we do not have the luxury of playing things that kind of safe. And we certainly neither want to grant the existing models a permanent monopoly, nor do we want to force them to be withdrawn, even if enforcement was not an issue here.

The lowest sane and realistic threshold I can see proposing for ‘no you cannot do this at all’ is 10^27. Even at 10^28, where I think it is more likely to land, this would already be quite the ask.

What about other implementation details? What do they suggest people should need to do at Tier 2 or Tier 3?

This is the subject of the bulk of section 4.

They list in 4.1.3.5:

  1. Risk governance, which is things like an internal audit team and a chief risk officer and risk committee. I am generally skeptical of such moves since they are unlikely to do anything for those who needed to be told to do them, but they seem relatively cheap and thus do seem worthwhile.

  2. Outside and insider threat countermeasures, introducing friction against unauthorized access or model exfiltration. I file these kinds of requirements under ‘things you should be doing anyway more than you are, and where there are large externalities to consider so you should do a lot more than even that.’

  3. Model containment measures, including emergency shutdown procedures and information-gapping, potentially including kill switches and dead man switches to halt training or deployment. With all the usual caveats about how likely these tactics are to fail, they are definitely the least you can do in a Tier 3 style situation.

  4. AI safety and security training. What does this even mean? It sounds good to some types in theory. In practice I’ve never met a mandatory training that helped.

  5. Whistleblower protections. I mean, yes, good, should be uncontroversial.

  6. Incident reporting. Need to define incidents to report, but again, yeah, sure.

If the threshold is set properly, this could still be cleaned up a bit, but mostly seems reasonable. Objections to this type of regime more broadly are essentially arguments against any kind of prior restraint or process control at all, saying that instead we should look only at outcomes.

In section 4.1.4 they discuss publication controls on AI capabilities research, mentioning the worry that such research often happens outside major labs. They mention DPO, AutoGPT and FlashAttention. I get why they want this, but pushing this hard this far does not seem great.

In 4.2.1 they propose imposing civil liability on creators of AI systems on a duty of care basis, including preventing inadvertent harm, preventing infiltration of third-party systems, safeguarding algorithmic configurations of advanced AI including model weights, and maintaining security measures against unauthorized use.

This is a combination of strict liability for harms and a ban on open model weights even if you thought that liability wasn’t an issue. They propose that you could choose to enter Tier 3 on purpose to protect against strict liability, which could be an alternative to imposing super low compute thresholds – you can decide if you think your LLM is dangerous, and pay the costs if you are wrong.

Open model weights presumably are not okay in Tier 3, and are okay in Tier 1. The question is where in Tier 2, from its start to its finish, to draw the line.

4.2.2 is where they discuss criminal liability. They point out that the stakes are sufficiently high that you need criminal penalties for sufficiently brazen or damaging violations.

Felonies could include:

● Disregarding an emergency order to halt AI development activities;

● Engaging in development activities that require a license following the rejection

of a license application; and

● Breaching the conditions of a license, especially if these violations lead to

heightened security risks or cause damages exceeding a significant monetary

threshold (e.g., $100 million), or if the entity or its management have prior

convictions under this liability framework.

The first two here seem like very reasonable things to be felonies. If the stakes are existential risk, then this is wilful ignoring of a direct order to stop. Breaching ‘the conditions’ sounds potentially vague, I would want to pin that down more carefully.

The asks here are clearly on the aggressive end and would need to be cut back a bit and more importantly carefully codified to avoid being too broad, but yes these are the stakes.

4.2.3 proposes ‘emergency powers’ which should always make one nervous. In this case, the emergency power looks like it would be confined to license suspension, demanding certain abilities be halted and precautions be taken, up to a general moratorium, with ability to sue for economic damages if this is not justified later.

I hate the framing on this, but the substance seems like something we want in our toolkit – the ability to act now if AI threatens to get out of control, and force a company to stand down until we can sort it out. Perhaps we can find a slightly different way to enable this specific power.

Section 5 is about the quest for international cooperation, with the report’s ideal end state being a treaty that enforces the restrictions from section 4, reporting requirements on cloud providers and also hardware-based tracking.

That seems like the correct goal, conditional on having chosen the correct thresholds. If the thresholds are right, they are right for everyone. One reason not to aim too low with the numbers is that this makes international cooperation that much harder.

Deeper monitoring than this would have benefits, but they rightfully step back from it, because this would too heavily motivate development of alternative supply chains and development programs.

How do we get there? Well, saying what one can about that is the kind of thing that makes the report 284 pages long (well, 161 if you don’t count acknowledgements and references). 5.2.1 says to coordinate domestic and international capacity-building, starting with policymaker education outreach in 5.2.1.1.

They do have a good note there:

Part of the substance of this educational content is outlined in LOE2, 2.2. Additionally,

based on our direct experience briefing U.S. and international policymakers on this issue, we believe these educational efforts should:

  1. Emphasize specific, concrete, and tangible scenarios relevant to AI risk and national security (see Annex C: Example AI alignment failure scenarios and [1]);

  2. Explain that the build-vs-use distinction that exists for nuclear weapons may not exist for sufficiently capable AI systems, meaning that simply building such a system, with no intent to deploy it, may in and of itself be a dangerous action (Introduction, 0.2.2); and

  3. Clarify that, because of this unusual risk profile, the international community may need to implement rules above and beyond those already in place for less-

    capable AI systems such as lethal autonomous weapons (LAWs).

The first point here has been said before, and is especially important. There is a class of people, who are almost all of NatSec, who simply cannot imagine anything except a specific, concrete and tangible scenario. In addition, many can only imagine scenarios involving a foreign human enemy, which can be a rival nation or a non-state actor.

That means one has to emphasize such threats in such conversations, even though the bulk of the risk instead lies elsewhere, in future harder-to-specify threats that largely originate from the dynamics surrounding the AIs themselves, and the difficulties in controlling alignment, direction, access and usage over time as capabilities advance.

One must keep in mind that even if one restricts only to the scenarios this permits you to raise, that is still sufficient to justify many of the correct interventions. It is imperfect, but the tangible threats are also very real and require real responses, although the resulting appropriate prices and details will of course be different.

Specifically, they suggest our Missions engage heads of state, that we use existing AI policy-focused forums and use foreign assistance to build partner capacity. I have no objection to any of that, sure why not, but it does not seem that effective?

5.2.1.2 talks about technical education and outreach, suggesting openness and international cooperation, with specifics such as ‘the U.S. ambassador to the UN should initiate a process to establish an intergovernmental commission on frontier AI.’ There is already a group meeting within the UN, so it is not clear what needs this addresses? Not that they or I have other better concrete path ideas to list.

5.2.1.3 says also use other forms of capacity building, I mean, again, sure.

5.2.2 says ‘articulate and reinforce an official US government position on catastrophic AI risk.’ Presumably we should be against it (and yes, there are people who are for it). And we should be in favor of mitigating and minimizing such risks. So, again, sure, yes it would be helpful to have Congress pass a statement with no legal standing to clarify our position.

5.3 says enshrine AI safeguards in international law. Yes, that would be great, but how? They note the standard security dilemma.

We recommend that the goal of these efforts be to establish comprehensive RADA safeguards to minimize catastrophic risks from loss of control due to AGI alignment failure, and aligning the international community on new international law or treaty requirements.

So, more summits, then?

5.4 says establish an international regulatory agency, which they call the International AI Agency (IAIA), and optimistically cite past non-proliferation efforts. 5.4.1 outlines standard protocols if one was serious about enforcing such rules, 5.4.2 notes there need to be standards, 5.4.3 that researchers will need to convene. Yes, yes.

5.5 discusses joint efforts to control the AI supply chain. This is a key part of any serious long term effort.

A multilateral AI controls framework could have three goals:

● Ensure that critical elements of the supply chain for advanced AI, particularly compute and its inputs, remain localized to U.S. and allied jurisdictions;

● Ensure that access to AI cloud compute is controlled through a regulatory mechanism similar to that proposed in LOE4, 4.1.3 including RADA safeguards implemented in U.S. and allied jurisdictions; and Meaning GPUs, TPUs, and other AI accelerator chips.

● Provide a path for foreign entities to obtain access to AI cloud compute clusters in U.S. and allied jurisdictions, provided they do so subject to the regulatory mechanism (e.g., LOE1, 1.5.2).

So essentially AI for me (and my friends) but not for thee.

The obvious response is, if this is the plan, why would China sign off on it? You need to either have China (and the same applies to others including Russia) inside or outside your international AI alliance. I do not see any talk of how to address China’s needs, or how this regime plans to handle it if China does not sign on to the deal. You cannot dodge both questions for long, and sufficiently harsh compute limits rule out ‘dominate China enough to not care what they think’ as an option, unless you think you really can fully cut off the chip supply chain somehow and China can’t make its own worth a damn? Seems hard.

5.5.1 points out that alternative paths, like attempting controls on the distribution or use of open data or open models, flat out do not work. The only way to contain open things is to not create or open them up in the first place. That is the whole point of being open, to not have anyone be able to stop users from doing anything they want.

5.5.2 outlines who has key parts of the AI supply chain. Most key countries are our allies including Israel, although the UAE is also listed.

5.6 is entitled ‘open challenges’ and seems curiously short. It notes that the incentives are terrible, reliable verification is an open problem and algorithmic improvements threaten to render the plan moot eventually even if it works. Well, yes. Those are some, but far from all, of the open challenges.

That does not mean give up. Giving up definitely doesn’t work.

Section 1 proposes interim safeguards.

1.2 suggests an ‘AI observatory’ for advanced AI, which they call AIO. Certainly there should be someone and some government group that is in charge of understanding what is happening in AI. It would (1.2.1) monitor frontier AI development, study emergency preparedness and coordinate to share information.

This should not be objectionable.

The only argument against it that I can see is that you want the government to be blindsided and unable to intervene, because you are opposed on principle (or for other reasons) to anything that USG might do in AI, period. And you are willing to risk them flailing around blind when the first crisis happens.

1.3 suggests establishing responsible AI development and adoption safeguards for private industry. They mention ‘responsible scaling policies’ (RSPs) such as that of Anthropic, and would expand this across the supply chain. As with all such things, price and details are key.

Certainly it would be good to get other labs to the level of Anthropic’s RSP and OpenAI’s preparedness framework. This seems realistic to get via voluntary cooperation, but also you might need to enforce it. Meta does exist. I presume the report authors would want to be much stricter than that, based on their other recommendations.

1.3.1 talks implementation details, mentioning four laws that might allow executive authority, including everyone’s favorite the Defense Production Act, but noting that they might not apply.

1.3.2 makes clear they want this to mostly be the same system they envision in section 4, which is why I wrote up section 4 first. They make clear the need to balance safety versus innovation and value creation. I think they get the price wrong and ask too much, but the key is to realize that one must talk price at all.

1.4 says establish a taskforce to do all this, facilitating responsible development and watching out for weaponization and loss of control as threats, and lay the foundation for transition to the regime in section 4, which seems remarkably similar to what they want out of the gate. Again, yes, sure.

There is also their ‘plan B’ if there is no short term path to getting the RADA safeguards similar to section 4, and one must rely on interim, voluntary safeguards:

They essentially say, if you can’t enforce it, call on labs to do it anyway. To which I essentially say: Good luck with that. You are not going to get a voluntary pause at 10^26 from the major players without much stronger evidence that one is needed, and you are not going to get cooperation from cloud service providers this way either. The case has not yet been sufficiently strongly made.

Section 2 proposes ‘strengthening capability and capacity for advanced AI preparedness and response.’ What does that mean?

That all seems unobjectionable in theory. It is all about the government getting its people prepared and understanding what is going on, so they can then make better decisions.

Again, the objection would be if you think the government will use better information to make worse decisions, because government intervention is all but assured to be negative, and more info means more action or more impactful action. Otherwise, it’s about whether the details are right.

I mostly would prefer to leave such questions to those who know more.

Their list of stakeholders seems plausible on first reading, but also seems like they included everyone without trying hard to differentiate who matters more versus less.

Their suggested topics seem fine as basic things more people should know. I would look closer if this was the draft of a bill or executive order, again on first glance it seems fine but could use more prioritization. This is more facts than people are able to absorb, you are not going to get everything here, you must choose.

Finally (in terms of the ordering here) there is section 3 on investment in technical AI safety research and standards development.

They note that some research can be done on public open models, and should be shared with everyone. Other research requires access to proprietary frontier models, and the government could help facilitate and fund this access, including developing dedicated secure infrastructure. They don’t talk about sharing the results, but presumably this should be shared mostly but not always. And finally there will be national security research, which will require both unrestricted frontier model access and need to be done in a classified context, and much of the results will not be things that can be published.

Again, all of that seems right, and it would be great to have funding to support this kind of work. That does not mean the government is up to the task at all these levels, given the restrictions it operates under. It is not implausible that government funding would be so delayed, bureaucratized and ill-targeted that it would end up doing little, no or even negative good here. I do think we should make the attempt, but have our eyes open.

After some standard stuff, 3.2 discusses proposed standards for AI evaluations and RADA safeguards, mostly to warn in 3.2.1.1 that current evaluations cannot provide comprehensive coverage or predict emergence of additional capabilities. You can never prove a capability is absent (or at least, you can’t if it was at all plausible it could ever have been present, obviously we know a lot of things e.g. GPT-2 cannot ever do).

As they warn in 3.2.1.3, evaluations can easily be undermined and manipulated if those doing them wish to do so. Where the spirit of the rules is not being enforced, you are toast. There are no known ways to prevent this. The best we have is that the evaluation team can be distinct from the model development team, with the model development team unaware of (changing and uncertain) evaluation details. So we need that kind of regime, and for AI labs to not effectively have control over who does their evaluations. At minimum, we want some form of ‘testing for gaming the test.’

Also key is 3.2.1.4’s warning that AI evaluations could fail systematically in high-capability regimes due to situational awareness, manipulation of evaluations by the AI and deceptive alignment. We saw clear signs of this in the Sleep Agent paper from Anthropic, Claude Opus has shown signs of it as well, and this needs to be understood as less an unexpected failure mode and more the tiger going tiger. If the AI is smarter than you, you are going to have a hard time having it not notice it is in a test. And in addition to the instrumental convergence and other obvious reasons to then game the test, you know what the training data is full of? Humans being situationally aware that they are being tested, and doing what it takes to pass. Everyone does it.

There is lots more. One can only read in detail so many 284-page (or even de facto 161-page if you skip the appendixes and references and acknowledgements) documents.

Their conclusion makes it clear how they are thinking about this:

AI is a technology fundamentally unlike any other. It holds vast potential to elevate human well-being, but could also be deliberately weaponized or exhibit accidental failures that have catastrophic consequences. Our recommendations focus on mitigating the most unrecoverable catastrophic risks advanced AI poses (Introduction, 0.5.1.1) while preserving its potential for positive impact (Introduction, 0.4.2).

Frontier AI labs have publicly suggested that such dangerously capable systems could be developed in the near future, and possibly within the next five years (Introduction, 0.5.1.2). Both categories of risk have the potential, in the worst case, for unrecoverable catastrophic impact on human welfare.

In the face of these challenges, bold action is required for the United States to address the current, near-term, and future catastrophic risks that AI poses while maximizing its benefits, and successfully navigate what may be the single greatest test of technology governance in the nation’s history.

The Gladstone Report can, again, be thought of as two distinct reports. The first report outlines the threat. The second report proposes what to do about it.

The first report rests on their interviews inside the labs, and on the high degree of uncertainty throughout, and citing many properties of current AI systems that make the situation dangerous.

As they summarize:

  1. Advanced AI labs lack sufficient safety and security precautions on many levels.

  2. Advanced AI models can have capabilities that evaluations fail to identify, a small team cannot anticipate everything the whole world can figure out over time.

  3. Advanced AI lab workers expect the possibility of existentially dangerous AI soon.

  4. Things are moving too fast and involve too many moves that cannot be undone or fixed, especially releasing or failing to secure model weights but also many other things.

  5. A reactive posture is not viable. We cannot afford to wait and then pass laws or take action after things go wrong. To make this work we will eventually need international cooperation, and international cooperation takes time and relies on establishing credibility and clear positions and goals.

I am alarmed, although not as alarmed as they are, and do not support the full price they are willing to pay with their interventions, but I believe the outline here is correct. Artificial general intelligence (AGI) could arrive soon, and it could be quickly followed by artificial super intelligence (ASI), it will pose an existential threat when it arrives and we are very much not prepared. Security measures are woefully inadequate even for worries about national security, stolen weights and mundane harms.

Does The Gladstone Report make a strong case that this is true, for those who did not already believe it? For those taking a skeptical eye, and who are inclined to offer the opposite of the benefit of the doubt?

That is a different question.

Alas, I do not believe the report lays out its interview findings in convincing fashion. If you did not believe it before, and had considered the public evidence and arguments, this need not move your opinion further. That the scary quotes would be available should be priced in. We need something more systematic, more difficult to fake or slant, in order to convince people not already convinced, or to change my confidence levels from where they previously were.

Its logical arguments about the situation are good as far they go, highly solid and better than most. They are also reiterations of the existing debate. So if this is new to you, you now have a government report that perhaps you feel social permission to take seriously and consider. If you had already done the considering, this won’t add much.

One then must choose directionally correct interventions, and figure out a reasonable price to balance concerns and allow the plan to actually happen.

From what I have seen, the proposed interventions are directionally wise, but extreme in their prices. If we could get international cooperation I would take what is proposed over doing nothing, but going this far seems both extremely impractical any time soon and also not fully necessary given its costs.

Indeed, even if one agrees that such existentially dangerous systems could be developed in the next five years (which seems unlikely, but not something we can rule out), the suggested regime involves going actively backwards from where we are now. I do not see any path to doing that, nor do I think it is necessary or wise to do so even if there was a political path. The worlds were artificial superintelligence (ASI) is coming very soon with only roughly current levels of compute, and where ASI by default goes catastrophically badly, are not worlds I believe we can afford to save.

Ideally one could talk price, balance risks and costs against the benefits, and seek the best possible solution.

On the Gladstone Report Read More »

redwoods-are-growing-almost-as-fast-in-the-uk-as-their-californian-cousins

Redwoods are growing almost as fast in the UK as their Californian cousins

redwood trees, Science, syndication / /

growth gains —

New study finds that giant sequoias add 70 cm of height and store 160 kg of carbon per year.

view of redwood tree canopy from below

Enlarge / Looking up at the canopy of a redwood tree in a forest near Golden Gate Live Steamers, Grizzly Peak Boulevard in Oakland.

What can live for over 3,000 years, weigh over 150 tonnes and could be sitting almost unnoticed in your local park? Giant sequoias (known as giant redwoods in the UK) are among the tallest and heaviest organisms that have ever lived on Earth, not to mention they have the potential to live longer than other species.

My team’s new study is the first to look at the growth of giant sequoias in the UK—and they seem to be doing remarkably well. Trees at two of the three sites we studied matched the average growth rates of their counterparts in the US, where they come from. These remarkable trees are being planted in an effort to help absorb carbon, but perhaps more importantly they are becoming a striking and much-admired part of the UK landscape.

To live so long, giant sequoias have evolved to be extraordinarily resilient. In their native northern California, they occupy an ecological niche in mountainous terrain 1,400–2,100 meters above sea level.

Their thick, spongy bark insulates against fire and disease, and they can survive severe winters and arid summers. Despite these challenges, these trees absorb and store CO₂ faster and in greater quantities than almost any other in the world, storing up to five times more carbon per hectare than even tropical rainforests. However, the changing climate means Californian giant sequoias are under threat from more frequent and extreme droughts and fires. More than 10 percent of the remaining population of around 80,000 wild trees were killed in a single fire in 2020 alone.

Tree giants from the US

What is much less well-known is that there are an estimated half a million sequoias (wild and planted) in England, dotted across the landscape. So how well are the UK giant sequoias doing? To try and answer this, my team used a technique called terrestrial laser scanning to measure the size and volume of giant sequoias.

The laser sends out half a million pulses a second and if a pulse hits a tree, the 3D location of each “hit” is recorded precisely. This gives us a map of tree structure in unprecedented detail, which we can use to estimate volume and mass, effectively allowing us to estimate the tree’s weight. If we know how old the trees are, we can estimate how fast they are growing and accumulating carbon.

As part of a Master’s project with former student Ross Holland, and along with colleagues at Kew Royal Botanical Gardens, we measured giant sequoias across three sites—Benmore botanical gardens in Scotland, Kew Wakehurst in Sussex, and Havering Country Park in Essex. These sites span the wettest (Benmore) and driest (Havering) climates in the UK, enabling us to assess how rainfall affects growth.

The fastest-growing trees we measured are growing almost as fast as they do in California, adding 70 cm of height and storing 160 kg of carbon per year, about twice that of a native UK oak. The trees at Benmore are already among the tallest trees in the UK at 55 meters, the current record-holder being a 66-meter Douglas Fir in Scotland. The redwoods, being faster growing, are likely to take that title in the next decade or two. And these trees are “only” around 170 years old. No native tree in the UK is taller than about 47 meters. We also found significant differences in growth rates across the UK. They grow fastest in the north, where the climate is wetter.

So, how did these trees get here? Exotic plant collecting was big business in the 18th and 19th centuries, in large part as a display of wealth and taste. Giant sequoias were first introduced in 1853 by Scottish grain merchant and keen amateur collector Patrick Matthew, who gave them to friends. Later that same year commercial nurseryman William Lobb brought many more from California, along with accounts of the giant trees from which they came.

Giant sequoias quickly became a sensation and were planted to create imposing avenues, at the entrances of grand houses and estates, in churchyards, parks and botanic gardens. The letters about these trees helps us to accurately age planted trees, enabling us to calculate their growth rates.

Normally, you need to take samples from a tree’s core to get an accurate age estimate, but that can damage the tree.

Imagine their potential

UK sequoias are unlikely to grow as tall as their Californian counterparts, which tend to grow in forests, due to lightning strikes and high winds—always a risk when you’re the tallest thing in the landscape rather than one among many. More recently, there has been a resurgence in planting giant sequoias in the UK, particularly in urban settings. This is because of their carbon storage potential and perhaps because people seem to really like them.

We urgently need to understand how UK trees will fare in the face of much hotter, drier summers, stormier winters, and with increased risks of fire. Global trade is also increasing the spread of disease among plantlife. More work is needed to consider the impact of planting non-native species like giant sequoias on native habitats and biodiversity but our work has shown that they are apparently very happy with our climate so far.

More importantly, we have to remember that trees are more than just stores of carbon. If we value trees only as carbon sticks we will end up with thousands of hectares of monoculture, which isn’t good for nature.

But these giant sequoias are here to stay and are becoming a beautiful and resilient part of our landscape.

Mathias Disney, Reader in Remote Sensing, Department of Geography, UCL. This article is republished from The Conversation under a Creative Commons license. Read the original article.

Redwoods are growing almost as fast in the UK as their Californian cousins Read More »

2025-maserati-grecale-folgore-review:-a-stylish-suv,-but-a-hard-ev-sell

2025 Maserati Grecale Folgore review: A stylish SUV, but a hard EV sell

Cars / /
A blue Maserati Grecale Folgore EV seen head-on

Enlarge / Maserati’s first electric SUV looks good, but the weight ruins the handling.

Michael Teo Van Runkle

PUGLIA, ITALY—At a recent media drive program in Puglia, Italy, Maserati introduced the production version of the all-electric Grecale Folgore. The svelte SUV will join the American lineup for model-year 2025 as the company’s second-ever EV, following the 2024 GranTurismo Folgore.

Similar to the GranTurismo, development of the Grecale chassis always included plans to electrify the model. But unlike the GT, Grecale does not receive a dogbone-style battery and triple drive unit layout, instead sticking with by-now-traditional skateboard underpinnings and dual 205-kilowatt motors that swap in for the spectacular twin-turbo “Nettuno” V6 engine used on the lower Modena and Trofeo trims.

Total combined output maxes out at 550 hp (410 kW) and 605 lb-ft (820 Nm) of torque, or about 30 hp (22 kW) more than the former top-spec internal-combustion Trofeo trim. Only a few years ago, those power figures for either a gasoline or battery-electric drivetrain would have placed the Grecale at the top of the SUV food chain. Throw in the reactive nature of instantaneous torque, as well as all-wheel-drive traction, and 605 lb-ft should sound pretty impressive.

Michael Teo Van Runkle

But in the modern EV era, most of the Grecale Folgore’s stats lag behind the rest of the market, at least on paper. The decision to use 400 V architecture means that a relatively sizeable 105 kWh battery, which houses 33 large modules of six prismatic cells each, can only reach a maximum charging rate of 150 kW when plugged into a DC fast charger. Topping up the battery from 20 to 80 percent will therefore take a sluggish 29 minutes under the best of conditions. The onboard AC charger is capable of up to 22 kW, although that requires European three-phase electricity to take advantage of.

No official EPA range rating has been released yet, but in European WLTP testing, the Grecale reached as high as 501 kilometers of range (311 miles) but, in its least-efficient configuration, as low as 426 kilometers (264 miles). And keep in mind that EPA range estimates typically come in at around 70 percent of WLTP numbers.

That battery pack bolted onto a unibody chassis nonetheless weighs in at 1,490 lbs (676 kg), contributing mightily to a total curb weight of nearly 5,500 lbs (2,494 kg)—almost exactly 1,000 lbs (454 kg) gained versus the ICE Trofeo and Modena trims. The additional weight means that despite producing more grunt than a Grecale Trofeo, the Folgore can only manage a 4.1-second sprint to 62 mph (100 km/h).

Adding an EV powertrain increased the SUV's curb weight by half a ton compared to the gasoline versions.

Enlarge / Adding an EV powertrain increased the SUV’s curb weight by half a ton compared to the gasoline versions.

Michael Teo Van Runkle

The dual motors produce not-insubstantial straight-line acceleration, without a doubt, but while mashing the ‘”go” pedal in Sport mode all the way to the floor, expected levels of EV jerk (the gut-punch sensation that’s also the scientific term for rate of change of acceleration) never quite materialize as much as expected. For context, the Trofeo runs the 0–62 mph (0–100 km/h) sprint in 3.8 seconds.

2025 Maserati Grecale Folgore review: A stylish SUV, but a hard EV sell Read More »

tick-killing-pill-shows-promising-results-in-human-trial

Tick-killing pill shows promising results in human trial

Lyme disease, Rocky Mountain Spotted Fever, Science, syndication, ticks / /

Ticked off —

Should it pan out, the pill would be a new weapon against Lyme disease.

A tick on a human

If you have a dog or cat, chances are you’ve given your pet a flavored chewable tablet for tick prevention at some point. What if you could take a similar pill to protect yourself from getting Lyme disease?

Tarsus Pharmaceuticals is developing such a pill for humans—minus the tasty flavoring—that could provide protection against the tick-borne disease for several weeks at a time. In February, the Irvine, California–based biotech company announced results from a small, early-stage trial showing that 24 hours after taking the drug, it can kill ticks on people, with the effects lasting for up to 30 days.

“What we envision is something that would protect you before the tick would even bite you,” says Bobby Azamian, CEO of Tarsus.

Lyme disease is a fast-growing problem in the United States, where approximately 476,000 people are diagnosed and treated for it each year, according to the most recent data from the Centers for Disease Control and Prevention. That number is likely an overestimate, because many patients are treated after a tick bite even if an infection isn’t confirmed, but it underscores the burden of Lyme disease on the health care system—which researchers at the CDC and Yale University put at nearly $1 billion per year.

The disease is caused by the bacteria Borrelia burgdorferi, which gets passed to humans through the bite of an infected tick. In most cases, a tick has to be attached for around 36 to 48 hours before the bacteria can be transmitted. Symptoms include fever, headache, fatigue, and a characteristic skin rash that looks like a bullseye.

Without a vaccine for Lyme disease on the market, current prevention includes using insect repellents such as DEET and permethrin and wearing closed shoes, long pants, and long sleeves when in a tick-infested area.

“We’ve seen increasing rates of tick-borne diseases over the years, despite being told to do tick checks, use DEET, and impregnate your clothes with permethrin,” says Paul Auwaerter, a professor of medicine at the Johns Hopkins University School of Medicine who studies Lyme disease.

A more effective treatment strategy would be welcome, Auwaerter says, especially because Lyme disease can sometimes cause serious health issues. Antibiotics are usually effective when taken early, although about 5 to 10 percent of patients can have lingering symptoms for weeks or months. If left untreated, the infection can spread to the joints and cause arthritis. It can also become established in the heart and nervous system, causing persistent fatigue, numbness, or weakness.

The experimental pill that Tarsus Pharmaceuticals is testing is a formulation of lotilaner, a drug that paralyzes and kills parasites by interfering with the way that signals are passed between their nerve cells. Lotilaner is already approved as a veterinary medicine under the brand name Credelio to control fleas and ticks in dogs and cats.

“Our animals have better options than we do for tick prevention,” says Linden Hu, a professor of immunology at Tufts Medical School who led the Tarsus trial. “There are quite a few drugs and vaccines available for dogs and cats, but there’s nothing for us.”

Tarsus first developed lotilaner for human use as an eye drop to treat blepharitis, or inflammation of the eyelid, which is caused by tiny mites. That drug, Xdemvy, was approved by the US Food and Drug Administration in July 2023. It stuns and kills mites present in the eyelid. Azamian and his team had the idea to test it against ticks in people. The oral version of the drug enters the bloodstream and is passed to a tick when it bites and starts sucking blood.

“A lot of drugs are tested in animals, but very few are commercialized for animal use and then go to human use,” Azamian says.

In a Phase II trial, 31 healthy adults took either a low or high dose of the Tarsus pill, or a placebo. Researchers then placed sterile ticks on participants’ arms and, 24 hours later, measured how many died. They also observed tick death 30 days after a single dose of the pill. At day one, 97 percent of ticks in the high-dose group and 92 percent in the low-dose group had died, while only 5 percent of ticks in the placebo group had. One month out, both doses of the pill killed around 90 percent of ticks. The company reported no serious adverse events from the pill, and none of the participants dropped out due to side effects.

“The takeaway is that it killed the ticks really quickly,” Hu says. “And the effect lasted for a long time.”

The fact that the drug targets ticks, rather than the bacteria that causes Lyme disease, means that it could protect against other tick-borne diseases that are spreading in the US, including babesiosis and anaplasmosis. Thanks to climate change and exploding deer populations, ticks are expanding their ranges—and carrying diseases with them.

Tarsus has not proven that its pill can actually prevent Lyme disease. That will require testing the drug in hundreds of people who are at high risk of contracting the disease. But Hu is cautiously optimistic: “This pill is potentially a pre-exposure prophylaxis that you don’t have to think about.”

Azamian imagines it as something people would take before going hiking or on a camping trip or just going outside in any tick-infested area.

“There is that subset of people that truly have persistent symptoms after Lyme disease that can really be devastating,” Auwaerter says, “so preventing that would be an amazing opportunity.”

This story originally appeared on wired.com.

Tick-killing pill shows promising results in human trial Read More »

“overwhelming-evidence”-shows-craig-wright-did-not-create-bitcoin,-judge-says

“Overwhelming evidence” shows Craig Wright did not create bitcoin, judge says

Bitcoin, bitcoin creator, chatgpt, Craig Wright, Cryptocurrency, fraud, perjury, Policy, satoshi nakamoto, UK high court / /

Debate closed —

Jack Dorsey posted a “W,” as judge halts Wright’s suits against developers.

Dr. Craig Wright arrives at the Rolls Building, part of the Royal Courts of Justice, on February 06, 2024, in London, England.

Enlarge / Dr. Craig Wright arrives at the Rolls Building, part of the Royal Courts of Justice, on February 06, 2024, in London, England.

“Overwhelming evidence” shows that Australian computer scientist Craig Wright is not bitcoin creator Satoshi Nakamoto, a UK judge declared Thursday.

In what Wired described as a “surprise ruling” at the closing of Wright’s six-week trial, Justice James Mellor abruptly ended years of speculation by saying:

“Dr. Wright is not the author of the Bitcoin white paper. Dr. Wright is not the person that operated under the pseudonym Satoshi Nakamoto. Dr. Wright is not the person that created the Bitcoin system. Nor is Dr. Wright the author of the Bitcoin software.”

Wright was not in the courtroom for this explosive moment, Wired reported.

In 2016, Wright had claimed that he did not have the “courage” to prove that he was the creator of bitcoin, shortly after claiming that he had “extraordinary proof.” As debate swirled around his claims, Wright began filing lawsuits, alleging that many had violated his intellectual property rights.

A nonprofit called the Crypto Open Patent Alliance (COPA) sued to stop Wright from filing any more lawsuits that it alleged were based on fabricated evidence, Wired reported. They submitted hundreds of alleged instances of forgery or tampering, Wired reported, asking the UK High Court for a permanent injunction to block Wright from ever making the claim again.

As a result of Mellor’s ruling, CoinDesk reported that Wright’s lawsuits against Coinbase and Twitter founder Jack Dorsey’s Block would be halted. COPA’s lawyer, Jonathan Hough, told CoinDesk that Wright’s conduct should be considered “deadly serious.”

“On the basis of his dishonest claim to be Satoshi, he has pursued claims he puts at hundreds of billions of dollars, including against numerous private individuals,” Hough said.

On Thursday, Dorsey posted a “W” on X (formerly Twitter), marking the win and quoting Mellor’s statements clearly rejecting Wright’s claims as false. COPA similarly celebrated the victory.

“This decision is a win for developers, for the entire open source community, and for the truth,” a COPA spokesperson told CoinDesk. “For over eight years, Dr. Wright and his financial backers have lied about his identity as Satoshi Nakamoto and used that lie to bully and intimidate developers in the bitcoin community. That ends today with the court’s ruling that Craig Wright is not Satoshi Nakamoto.”

Wright’s counsel, Lord Anthony Grabiner, had argued that Mellor granting an injunction would infringe Wright’s freedom of speech. Grabiner noted that “such a prohibition is unprecedented in the UK and would prevent Wright from even casually going to the park and declaring he’s Satoshi without incurring fines or going to prison,” CoinDesk reported.

COPA thinks the injunction is necessary, though.

“We are seeking to enjoin Dr. Wright from ever claiming to be Satoshi Nakamoto again and in doing so avoid further litigation terror campaigns,” COPA’s spokesperson told Wired.

And that’s not all that COPA wants. COPA has also petitioned for Wright’s alleged forgeries—some of which Reuters reported were allegedly produced using ChatGPT—to be review by UK criminal courts, where he could face fines and/or prison time. Hough alleged at trial that Wright “has committed fraud upon the court,” Wired reported, asking Britain’s Crown Prosecution Service to consider prosecuting Wright for “perjury and perverting the course of justice,” CoinDesk reported.

Wright’s counsel argued that COPA would need more evidence to back such a claim, CoinDesk reported.

Mellor won’t issue his final judgment for a month or more, Wired reported, so it’s not clear yet if Wright will be enjoined from claiming he is bitcoin’s creator. The judgement will “be ready when it’s ready and not before,” Mellor said.

“Overwhelming evidence” shows Craig Wright did not create bitcoin, judge says Read More »

epic-asks-court-to-block-apple’s-27%-commission-on-website-purchases

Epic asks court to block Apple’s 27% commission on website purchases

Apple, Apple App Store, epic games apple, Policy / /
iPhones on display at an Apple Store

Getty Images | Justin Sullivan

Epic Games yesterday urged a federal court to sanction Apple for alleged violations of an injunction that imposed restrictions on the iOS App Store. Epic cited a 27 percent commission charged by Apple on purchases completed outside the usual in-app payment system and other limits imposed on developers.

“Apple is in blatant violation of this Court’s injunction,” Epic wrote in a filing in US District Court for the Northern District of California. “Its new App Store policies continue to impose prohibitions on developers that this Court found unlawful and enjoined. Moreover, Apple’s new policies introduce new restrictions and burdens that frustrate and effectively nullify the relief the Court ordered.”

The permanent injunction issued by the court in September 2021 said that Apple may not prohibit app developers from including external links to alternate sales channels “or other calls to action that direct customers to purchasing mechanisms” that aren’t Apple’s in-app purchasing system. The injunction also said that Apple may not prohibit developers from “communicating with customers through points of contact obtained voluntarily from customers through account registration within the app.”

Epic pointed out that the iPhone maker requires developers to “pay Apple a new fee of 27% on any purchases users make outside the app up to one week after clicking a Link.” The fee alone “is enough to frustrate the very purpose of the Injunction; if Apple is allowed to tax out-of-app purchases, those purchases could never constrain Apple’s pricing of IAP [in-app purchases], and developers and consumers would not have any reason to use these alternative transacting options,” Epic said.

The case began in August 2020 when Fortnite maker Epic filed a lawsuit claiming that Apple monopolizes the iOS app distribution and in-app payment markets and was guilty of anti-competitive conduct. A federal judge determined after trial that Apple violated California’s competition laws and “that Apple’s anti-steering provisions hide critical information from consumers and illegally stifle consumer choice.”

An appeals court upheld the injunction in April 2023, and the Supreme Court decided not to take up the case. The injunction applies nationwide.

Apple: We’re complying

Apple said in a January 2024 filing that it is complying with the 2021 injunction. Apple said it now “expressly permits developers with apps on the iOS or iPadOS App Store US storefronts to include buttons or external links with calls to action within their apps that direct users to alternative, out-of-app purchasing mechanisms.” Apple also said it “does not limit developers’ ability to send out-of-app communications to users regarding alternative purchasing methods.”

Regarding the 27 percent commission, Apple said the charge “complies with the Injunction’s plain terms” and is “consistent with the Court’s rationale for upholding Apple’s other App Store policies.” Apple’s website says the commission applies to proceeds for sales “on your website after a link out.”

Epic argues that “Apple’s new scheme so pervasively taxes, regulates, restricts and burdens in-app links directing users to alternative purchasing mechanisms on a developer’s website (‘External Links’ or ‘Links’) as to make them entirely useless. Moreover, Apple continues to completely prohibit the use of ‘buttons… or other calls to action’ in direct contravention of this Court’s Injunction.”

Epic argues that the “plain button style” required by Apple “is not a button at all.” Epic provided this illustration, saying the only allowed button types are the ones in the green box:

The original version of that illustration comes from Apple’s website. On another page, Apple says that external purchase links must use the plain button style.

“With these new policies, Apple continues to charge unjustified fees and intentionally prevent the ‘open flow of information,'” Epic said. “Apple’s goal is clear: to prevent purchasing alternatives from constraining the supracompetitive fees it collects on purchases of digital goods and services. Apple’s so-called compliance is a sham.”

Epic asks court to block Apple’s 27% commission on website purchases Read More »

amid-paralyzing-ransomware-attack,-feds-probe-unitedhealth’s-hipaa-compliance

Amid paralyzing ransomware attack, feds probe UnitedHealth’s HIPAA compliance

Change Healthcare, cyberattack, health, HHS, HIPAA, Policy, ransomware, Science, unitedhealth / /

most significant and consequential incident —

UnitedHealth said it will cooperate with the probe as it works to restore services.

Multistory glass-and-brick building with UnitedHealthcare logo on exterior.

As health systems around the US are still grappling with an unprecedented ransomware attack on the country’s largest health care payment processor, the US Department of Health and Human Services is opening an investigation into whether that processor and its parent company, UnitedHealthcare Group, complied with federal rules to protect private patient data.

The attack targeted Change Healthcare, a unit of UnitedHealthcare Group (UHG) that provides financial services to tens of thousands of health care providers around the country, including doctors, dentists, hospitals, and pharmacies. According to an antitrust lawsuit brought against UHG by the Department of Justice in 2022, 50 percent of all medical claims in the US pass through Change Healthcare’s electronic data interchange clearinghouse. (The DOJ lost its case to prevent UHG’s acquisition of Change Healthcare and last year abandoned plans for an appeal.)

As Ars reported previously, the attack was disclosed on February 21 by UHG’s subsidiary, Optum, which now runs Change Healthcare. On February 29, UHG accused the notorious Russian-speaking ransomware gang known both as AlphV and BlackCat of being responsible. According to The Washington Post, the attack involved stealing patient data, encrypting company files, and demanding money to unlock them. The result is a paralysis of claims processing and payments, causing hospitals to run out of cash for payroll and services and preventing patients from getting care and prescriptions. Additionally, the attack is believed to have exposed the health data of millions of US patients.

Earlier this month, Rick Pollack, the president and CEO of the American Hospital Association, called the ransomware attack on Change Healthcare “the most significant and consequential incident of its kind against the US health care system in history.”

Now, three weeks into the attack, many health systems are still struggling. On Tuesday, members of the Biden administration met with UHG CEO Andrew Witty and other health industry leaders at the White House to demand they do more to stabilize the situation for health care providers and services and provide financial assistance. Some improvements may be in sight; on Wednesday, UHG posted an update saying that “all major pharmacy and payment systems are up and more than 99 percent of pre-incident claim volume is flowing.”

HIPAA compliance

Still, the data breach leaves big questions about the extent of the damage to patient privacy, and the adequacy of protections moving forward. In an additional development Wednesday, the health department’s Office for Civil Rights (OCR) announced that it is opening an investigation into UHG and Change Healthcare over the incident. It noted that such an investigation was warranted “given the unprecedented magnitude of this cyberattack, and in the best interest of patients and health care providers.”

In a “Dear Colleague” letter dated Wednesday, the OCR explained that the investigation “will focus on whether a breach of protected health information occurred and Change Healthcare’s and UHG’s compliance with the HIPAA Rules.” HIPAA is the Health Insurance Portability and Accountability Act, which establishes privacy and security requirements for protected health information, as well as breach notification requirements.

In a statement to the press, UHG said it would cooperate with the investigation. “Our immediate focus is to restore our systems, protect data and support those whose data may have been impacted,” the statement read. “We are working with law enforcement to investigate the extent of impacted data.”

The Post notes that the federal government does have a history of investigating and penalizing health care organizations for failing to implement adequate safeguards to prevent data breaches. For instance, health insurance provider Anthem paid a $16 million settlement in 2020 over a 2015 data breach that exposed the private data of almost 79 million people. The exposed data included names, Social Security numbers, medical identification numbers, addresses, dates of birth, email addresses, and employment information. The OCR investigation into the breach discovered that the attack began with spear phishing emails that at least one employee of an Anthem subsidiary fell for, opening the door to further intrusions that went undetected between December 2, 2014, and January 27, 2015.

“Unfortunately, Anthem failed to implement appropriate measures for detecting hackers who had gained access to their system to harvest passwords and steal people’s private information,” OCR Director Roger Severino said at the time. “We know that large health care entities are attractive targets for hackers, which is why they are expected to have strong password policies and to monitor and respond to security incidents in a timely fashion or risk enforcement by OCR.”

Amid paralyzing ransomware attack, feds probe UnitedHealth’s HIPAA compliance Read More »

bill-skarsgard-takes-revenge-from-beyond-the-grave-in-the-crow-trailer

Bill Skarsgård takes revenge from beyond the grave in The Crow trailer

culture, Entertainment, film trailers, Lionsgate, The Crow, Trailers / /

True love never dies —

“You know that love promises only pain.”

Bill Skarsgård takes on the role of Eric Draven in the Lionsgate reboot of The Crow.

The 1994 cult classic film The Crow turns 30 this spring, so it’s as good a time as any to drop the first trailer for the long-in-development reboot directed by Rupert Sanders (Snow White and the Huntsman, Ghost in the Shell). Bill Skarsgård takes on the starring role made famous by the late Brandon Lee.

(Spoilers for the original 1994 film below.)

Based on a 1989 limited comic series by James O’Barr, The Crow was directed by Alex Proyas. The film starred Brandon Lee as Eric Draven, a rock musician in crime-ridden Detroit. He and his fiancée, Shelly Webster (Sofia Shinas), are brutally murdered on Devil’s Night by a gang of thugs on the orders of a crime boss named Top Dollar (Michael Wincott). A year later, Eric is resurrected, dons black-and-white face paint, and proceeds to take his bloody revenge before returning to his grave. Alas, Lee was accidentally killed by a prop gun during the final days of shooting; the film was completed with the help of Lee’s stunt double (Chad Stahelski, who launched the John Wick franchise) and some clever special effects.

Despite the shadow of Lee’s tragic death, The Crow went on to gross $94 million against its modest $23 million budget and establish itself as a cult classic. Sure, the dialogue was occasionally hokey, and most of the characters were pretty one-dimensional, but there was no denying Lee’s star power and the striking visual energy, augmented by a killer soundtrack. There were three sequels focused on different characters with none of the original cast members, but none of those were as successful as the original.

Plans for a reboot first emerged in late 2008, but the development process proved rocky. O’Barr initially expressed pessimism about any reboot but later warmed to the prospect. As recently as November 2019, Proyas remained adamantly opposed: “It’s not just a movie that can be remade, it’s one man’s [Lee’s] legacy,” he said at the time. “And it should be treated with that level of respect.”

The project cycled through directors, stars, screenwriters, and so forth for more than a decade before Sanders signed on as director in 2022. Along with Skarsgård, the cast includes FKA Twigs as Shelly and Isabella Wei as Zadie. Danny Huston, Laura Birn, Sami Bouajila, and Jordan Bolger will also appear in as-yet-unnamed roles. Per the official premise:

Soulmates Eric Draven (Skarsgård) and Shelly Webster (FKA Twigs) are brutally murdered when the demons of her dark past catch up with them. Given the chance to save his true love by sacrificing himself, Eric sets out to seek merciless revenge on their killers, traversing the worlds of the living and the dead to put the wrong things right.

The fact that Eric apparently has a chance to save Shelly by sacrificing himself is a marked departure from the 1994 film and in keeping with Sanders’ stated desire to let the love story be the primary driver for his reboot. The trailer opens by introducing us to the young lovers, moving quickly from their first meeting to the consummation of their love. They’re basically two broken people who find happiness in each other—until Shelly witnesses a murder that results in the couple being brutally and fatally attacked. Eric comes back as The Crow, bent on revenge, even as he’s “running out of time to save her.”

  • Eric Draven (Bill Skarsgård) falls in love with Shelly (FKA Twigs).

    YouTube/Lionsgate

  • Shelly saw something she shouldn’t have seen, bringing violence to their door.

    YouTube/Lionsgate

  • Crows are supposed to carry away the souls of the dead.

    YouTube/Lionsgate

  • Sometimes that doesn’t happen until the very bad things are set to right.

    YouTube/Lionsgate

  • “I’m gonna kill them all.”

    YouTube/Lionsgate

  • Danny Huston plays a villain in a very nice suit.

    YouTube/Lionsgate

  • “We have a problem.” When Laura Birn is right, she’s right.

    YouTube/Lionsgate

  • He knows exactly what hell awaits him.

    YouTube/Lionsgate

Look, the trailer seems perfectly fine. Skarsgård is a phenomenal acting talent, but while Huston generally makes a great villain, one rather misses the wry humor of Wincott’s Goth sadist Top Dollar. The truth is, this reboot could be a tough sell to longtime fans of the original (like me), although it’s encouraging that the director seems to have won over O’Barr with his decision to hark back to the source material.

Sanders is very much aware of this challenge and is taking pains to emphasize his deep regard for Lee’s legacy. “What Alex Proyas did with The Crow in 1994—and Brandon Lee’s iconic embodiment of that character—will forever impact that generation and others to follow,” he said in a statement accompanying the trailer’s release. “It expressed its time in a very specific, music-driven vision.” Sanders added that his own vision strives to bring The Crow (including the original book) to a new generation of young people, calling the character of Eric Draven/The Crow “the original anti-superhero” who grapples with universal themes of “love, grief, and rage.”

Skarsgård also issued a statement that he has long been a fan of the original film; it was Sanders’ vision that convinced him to star in the reboot. “[Sanders] wanted to completely reimagine the story and the character and tailor it towards a modern audience,” he said. “It’s a character that I know many revere and have a strong connection to—he is unlike any I’ve ever taken on before. I felt a responsibility to Eric’s story and endeavored to stay true to the spirit of the source material.”

The Crow was originally scheduled for release on June 7, 2024. But the trailer tells us it’s coming “this summer,” which is vague. I guess we’ll see.

Lionsgate

Listing image by YouTube/Lionsgate

Bill Skarsgård takes revenge from beyond the grave in The Crow trailer Read More »

the-asus-zenfone-11-ultra-abandons-the-small-phone-market

The Asus Zenfone 11 Ultra abandons the small-phone market

Tech, Zenfone / /

RIP small phones —

The Zenfone 10 was a unique 5.9-inch phone; this year’s Zenfone is more generic.

  • The Asus Zenfone 11 Ultra.

    Asus

  • The front and back of the phone.

    Asus

  • The camera bump has some height to it.

    Asus

  • I don’t think you’d ever notice this on your own, but the website makes clear the lines on the back are supposed to represent an “A.”

    Asus

Asus’ latest flagship is the Zenfone 11 Ultra. For lovers of small phones, this represents one of the stalwart small-phone manufacturers abandoning you. I’m sorry. The Zenfone 10 was a unique little 5.9-inch powerhouse, but the Zenfone 11 is just another big Android phone with the same 6.78-inch display as everyone else. Big displays are expensive, so of course, the price is bigger, too: $899 instead of the $699 price of the smaller phone.

The whole phone looks a lot more generic than last year. Instead of the two big camera circles of the Zenfone 10, the back now has a square camera block that looks like every other phone. The front screen is flat, the sides are a flat metal band, and the only real identifying features are a few decorative lines on the rear panel.

That big 6.78-inch display is a 2400×1080 OLED. Normally, it runs at 120 Hz, but Asus says it’s capable of 144 Hz “for gaming only.” It has a Snapdragon 8 Gen 3 SoC, 12GB or 16GB of RAM, and 256GB or 512GB of UFS4.0 storage. The 5500 mAh battery is a bit bigger than most phones, so that’s something to cling to. The phone has 65 W wired charging and 15 W wireless charging, IP68 dust and water-resistance, and an in-screen fingerprint reader. There’s a 3.5 mm headphone jack on the bottom of the phone.

The main camera is a 50MP Sony IMX890, which iss not particularly impressive since it’s a secondary camera on some other phones. Camera No. 2 is a 13 MP Ultrawide. Camera No. 3 is a 32 MP sensor with a 3x optical zoom.

The Android market is packed with phones, and the hard thing to accomplish for any manufacturer is standing out from the crowd. The Zenfone line used to do that by being one of the only options for a small high-end phone, while the gamer-focused ROG line handled the 6.7-inch market. Now, the Zenfone is just another generic big phone. The phone ships in April and will work on AT&T and T-Mobile.

Listing image by Asus

The Asus Zenfone 11 Ultra abandons the small-phone market Read More »

“you-a—holes”:-court-docs-reveal-epic-ceo’s-anger-at-steam’s-30%-fees

“You a—holes”: Court docs reveal Epic CEO’s anger at Steam’s 30% fees

epic games, gaming, Tim Sweeney, valve / /

Not just for show —

Unearthed emails show the fury that helped motivate Epic’s Games Store launch.

Epic Games founder and CEO Tim Sweeney.

Epic Games founder and CEO Tim Sweeney.

Epic CEO Tim Sweeney has long been an outspoken opponent of what he sees as Valve’s unreasonable platform fees for listing games on Steam, which start at 30 percent of the total sale price. Now, though, new emails from before the launch of the competing Epic Games Store in 2018 show just how angry Sweeney was with the “assholes” at companies like Valve and Apple for squeezing “the little guy” with what he saw as inflated fees.

The emails, which came out this week as part of Wolfire’s price-fixing case against Valve (as noticed by the GameDiscoverCo newsletter), confront Valve managers directly for platform fees Sweeney says are “no longer justifiable.” They also offer a behind-the-scenes look at the fury Sweeney and Epic would unleash against Apple in court proceedings starting years later.

“I bet Valve made more profit… than the developer themselves…”

The first mostly unredacted email chain from the court documents, from August 2017, starts with Valve co-founder Gabe Newell asking Sweeney if there is “anything we [are] doing to annoy you?” That query was likely prompted by Sweeney’s public tweets at the time questioning “why Steam is still taking 30% of gross [when] MasterCard and Visa charge 2-5% per transaction, and CDN bandwidth is around $0.002/GB.” Later in the same thread, he laments that “the internet was supposed to obsolete the rent-seeking software distribution middlemen, but here’s Facebook, Google, Apple, Valve, etc.”

Expanding on these public thoughts in a private response to Newell, Sweeney allows that there was “a good case” for Steam’s 30 percent platform fee “in the early days.” But he also argues that the fee is too high now that Steam’s sheer scale has driven down operating costs and made it harder for individual games to get as much marketing or user acquisition value from simply being available on the storefront.

Calculating.... calculating... profit maximizing point found!

Enlarge / Calculating…. calculating… profit maximizing point found!

Getty / Aurich Lawson

Sweeney goes on to spitball some numbers showing how Valve’s fees are contributing to the squeeze all but the biggest PC game developers were feeling on their revenues:

If you subtract out the top 25 games on Steam, I bet Valve made more profit from most of the next 1,000 than the developer themselves made. These guys are our engine customers and we talk to them all the time. Valve takes 30% for distribution; they have to spend 30% on Facebook/Google/Twitter [user acquisition] or traditional marketing, 10% on server, 5% on engine. So, the system takes 75% and that leaves 25% for actually creating the game, worse than the retail distribution economics of the 1990’s.”

Based on experience with Fortnite and Paragon, Sweeney estimates that the true cost of distribution for PC games that sell for $25 or more in Western markets “is under 7% of gross.” That’s only slightly lower than the 12 percent take Epic would establish for its own Epic Games Store the next year.

“Why not give ALL developers a better deal?”

The second email chain revealed in the lawsuit started in November 2018, with Sweeney offering Valve a heads-up on the impending launch of the Epic Games Store that would come just weeks later. While that move was focused on PC and Mac games, Sweeney quickly pivots to a discussion of Apple’s total control over iOS, the subject at the time of a lawsuit whose technicalities were being considered by the Supreme Court.

Years before Epic would bring its own case against Apple, Sweeney was somewhat prescient, noting that “Apple also has the resources to litigate and delay any change [to its total App Store control] for years… What we need right now is enough developer, press, and platform momentum to steer Apple towards fully opening up iOS sooner rather than later.”

To that end, Sweeney attempted to convince Valve that lowering its own platform fees would hurt Apple’s position and thereby contribute to the greater good:

A timely move by Valve to improve Steam economics for all developers would make a great difference in all of this, clearly demonstrating that store competition leads to better rates for all developers. Epic would gladly speak in support of such a move anytime!

In a follow-up email on December 3, just days before the Epic Games Store launch, Sweeney took Valve to task more directly for its policy of offering lower platform fees for the largest developers on Steam. He offered some harsh words for Valve while once again begging the company to serve as a positive example in the developing case against Apple.

Right now, you assholes are telling the world that the strong and powerful get special terms, while 30% is for the little people. We’re all in for a prolonged battle if Apple tries to keep their monopoly and 30% by cutting backroom deals with big publishers to keep them quiet. Why not give ALL developers a better deal? What better way is there to convince Apple quickly that their model is now totally untenable?

After being forwarded the message by Valve’s Erik Johnson, Valve COO Scott Lynch simply offered up a sardonic “You mad bro?”

GameDiscoverCo provides a good summary of other legal tidbits offered in the (often heavily redacted) documents published in the case file this week. Wolfire is now seeking a class-action designation in the suit with arguments that largely rehash those that we covered when the case was originally filed in 2021 (and revived in 2022). While Epic Games isn’t directly involved in those legal arguments, it seems Sweeney’s long-standing position against Valve’s monopoly might continue to factor into the case anyway.

“You a—holes”: Court docs reveal Epic CEO’s anger at Steam’s 30% fees Read More »