Food, History, Security

Can You Spot the AI Face? The Redneck Problem in Synthetic Face Detection

Leave a comment

When an outsider gets off a plane in Nepal for the first time, the faces blur together. A month later, they see Tibetans, Indians, Chinese, Nepalese. Mountain faces, valley faces. Nobody teaches what to look for. They just experience exposure and the human perceptual system builds the categories.

When a mountain village Maoist teenager points an AK-47 at you, the out-of-place hostile appearance is obvious, and identified far too late. Perceptual learning creates differentiation where statistical exposure builds out reliable dimensions. The outsider arrives with a collapsed face-space for South Asians. A month later, the axes develop to distinguish Sherpa from Tamang from Newar, friendly from hostile.

Boy with automation technology wows the ladies in Butwal, Nepal. Look at his face, and what do you see? Source: AP

As someone who grew up in the most rural prairie in Kansas, I can tell you this is the redneck problem: someone whose environment didn’t provide the data to build certain distinctions is vulnerable.

We knew as kids we weren’t supposed to shoot signs. Wasn’t that the whole point of shooting the signs? Our red neck was a physical marker of the environmental conditions that predicted an isolation leading to perceptual poverty.

The person who “can’t tell them apart” isn’t lazy or hostile as much as they are a product of their (often fear based isolation). They’re accurately reporting self-imposed limited perceptual reality. Their pattern recognition system, stuck out in the fields alone, never benefited from human training data. They could identify lug nuts and clay soil yet not a single tribe of Celts.

The same problem is crippling Western synthetic face detection research. And it’s a problem I’ve seen before.

Layer Problem

My mother, a linguistic anthropologist, and I have published research on Nigerian 419 scams nearly twenty years ago. We said intelligence brings vulnerability, and presented it at RSA Conference in 2010 under the title “There’s No Patch for Social Engineering.

One of our key findings: intelligence is not a reliable defense against social engineering. The victims of advance fee fraud weren’t stupid. They were, disproportionately, well-educated professionals such as university professors, doctors, lawyers, financial planners. People who trusted their reasoning.

I remember training law enforcement investigators and being told, in a windowless square room of white men bathed in drab colors and cold florescent lighting, that this concept of wider exposure would be indispensable to their fraud cases.

A 2012 study in the Journal of Personality and Social Psychology then proved our work and found the same pattern more broadly: “smarter people are more vulnerable to these thinking errors.”

These researchers, without reference to our prior work, found that higher SAT scores correlated with greater susceptibility to certain cognitive biases, partly because intelligent people trust their own reasoning from their past success and don’t notice when it’s being disrupted, being bypassed.

The attack works because it targets a layer below conscious analysis. You can’t defend against bias attacks with intelligence, because intelligence operates at the wrong layer. The defense has to match the attack surface.

I’m watching the synthetic face detection literature make the same mistake again.

Puzzle This

A paper published last month in Royal Society Open Science tested whether people could learn to spot AI-generated faces.

The results were striking but confusing.

Without training, typical observers performed below chance as they actually rated synthetic faces as more real than real ones.

This isn’t incompetence. It’s a known phenomenon called AI hyperrealism: GAN-generated faces are statistically too average, too centered in face-space, and human perception reads that as trustworthy and familiar.

Super-recognizers, the top percentile on face recognition tests, performed at chance without training. Not good, but at least not fooled by the hyperrealism effect.

Then both groups got five minutes of training on rendering artifacts: misaligned teeth, weird hairlines, asymmetric ears. The kind of glitches GANs sometimes leave behind.

Training helped. Trained super-recognizers hit 64% accuracy. So here’s the puzzle: the training effect was identical in both groups. Super-recognizers didn’t benefit more or less than typical observers.

The researchers’ conclusion:

SRs are using cues unrelated to rendering artefacts to detect and discriminate synthetic faces.

Super-recognizers are detecting something the researchers could not identify and therefore can’t train. The artifact training adds a second detection channel on top of whatever super-recognizers are already doing. But what they’re already doing is presented as a black box.

Wrong Layer, Again

The researchers are trying to solve a perceptual problem with instruction. “Look for the misaligned teeth” is asking the cognitive layer to do work that needs to happen at the perceptual layer.

It’s why eugenics is fraud.

It’s the same structural error as trying to defend against social engineering with awareness training. Watch out for urgency tactics. Be suspicious of unsolicited requests. Helpful, yet not helpful enough.

The instruction targets conscious reasoning. The attack targets intuition and bias. The defense operates at the wrong layer, so it fails easily, especially where attackers hit hidden bias such as racism.

The banker who never went to Africa is immensely more vulnerable to fraud with an origination story from Africa. The intelligence lacking diversity opens the vulnerability, and also explains the xenophobic defense mechanism.

Radiologists don’t learn to read X-rays by memorizing a checklist of tumor features. They look at thousands of X-rays with feedback. The pattern recognition becomes implicit. Ask an expert radiologist what they’re seeing and they’ll often say “it just looks wrong” before they can articulate the specific features.

A surgeon with training will look at hundreds of image slices of the brain on a white board in one room and know where to cut in another room down the hallway.

Japanese speakers learning English don’t acquire the /r/-/l/ distinction by being told where to put their tongue. They acquire it through exposure. Hundreds of hours of hearing the sounds in context, and their perceptual system eventually carves a boundary where none existed before.

Chicken “sexers” are the canonical example in the perceptual learning literature. They can’t tell you how they distinguish gender of day-old chicks. They just do it accurately, after enough supervised practice.

This is the pattern everywhere that humans develop perceptual expertise: data first, implicit learning, explicit understanding (maybe) later.

Five minutes of “look for the weird teeth” gets you artifact-spotting as a conscious strategy. It doesn’t build the underlying statistical model that makes synthetic faces feel wrong before you can say why. And just like with social engineering, the people who think they’re protected because they learned what to look for may be the most confidently wrong.

But the dependence in artifact-spotting also tells you something about the people who believe in it. They seek refuge in easy, routine, minimal judgement fixes for a world that requires identification, storage, evaluation and analysis. The former without the latter is just snake-oil, like placebos during a pandemic.

Compounding Vulnerability

The other-race effect is well-documented: people are worse at distinguishing faces from racial groups they haven’t had exposure to. The paper even found it in their data as participants were better at detecting synthetic faces when those faces were non-White, likely because the GANs were trained primarily on White faces and rendered other ethnicities less convincingly.

Don’t you want to know who discovered the bias in Google platform engineering and when?

But here’s where it gets dark, like the racism of a 1930s Kodak photograph, let alone the radioactive corn they secretly detected in 1946.

If you have less exposure to faces from other groups, you’re worse at distinguishing individuals within those groups. And if you’re worse at distinguishing real faces, you’re certainly worse at detecting synthetic ones.

Deep fakes may be a racism canary.

The populations most susceptible to disinformation using AI-generated faces are precisely the populations with the least perceptual defense. Isolated communities. Homogeneous environments. Places where “they all look alike” is an accurate description of perceptual reality.

An adversary running a disinfo campaign knows this. Target the isolationists. America First is weakness.

If you’re generating fake faces to manipulate a target population, you generate faces from groups that population has the least exposure to. The attack surface is largest where the perceptual poverty is deepest.

The redneck who “can’t tell them apart” isn’t just failing a social sensitivity test. They’re a soft target. Their impoverished face-space makes them maximally vulnerable to synthetic faces from unfamiliar groups. They can’t detect the fakes because they never learned to see the reals.

This compounds with the social engineering vulnerability. The same isolated populations are targets for both perceptual attacks (fake faces they can’t distinguish) and cognitive bias attacks (scams that bypass reasoning). The defenses being offered like artifact instruction and awareness training both fail because they target the wrong layer.

Prejudice is Perceptual Poverty

The foundation of certain kinds of hate is ignorance. Not ignorance as moral failing – ignorance as literal absence of data.

The perceptual system builds categories from exposure. Dense exposure creates fine-grained distinctions. Sparse exposure leaves regions of perceptual space undifferentiated. The person who grew up in a homogeneous environment doesn’t choose to see other groups as undifferentiated. Their visual system never got the training data to do otherwise.

This reframes prejudice, or at least a big component of it. Not attitude to be argued with. Not moral failure to be condemned. Perceptual poverty to be remediated.

And here’s the hope: the human system is plastic.

A month in Nepal fixes the Nepal problem. A year in a diverse environment builds cross-racial perceptual richness. The same neural architecture that fails to distinguish unfamiliar faces can learn to distinguish them. It just needs data.

Diversity training programs typically target attitudes. “Stereotyping is wrong and here’s why.” But you can’t lecture someone into seeing distinctions their visual system isn’t configured to make, or maybe even is damaged by years of America First rhetoric. The intervention is at the wrong layer.

What if you could train the perceptual layer directly?

The Experiment Nobody Has Run

The synthetic face detection literature keeps asking “what should we tell people to look for?” The question they should be asking is “how much exposure produces implicit detection?”

Here are the study designs, for those looking to leap ahead:

For AI detection:

  • Recruit typical observers (not super-recognizers)
  • Expose them to 500+ synthetic and real faces per day, randomly intermixed
  • Provide only real/fake feedback after each trial, no instruction on features
  • Continue for 4-6 weeks
  • Test detection accuracy at baseline, weekly during training, and post-training
  • Compare to control group receiving standard artifact instruction
  • Test whether training transfers to faces from a new GAN architecture

For deeper questions of safety:

  • Use stimuli that include faces from multiple racial/ethnic groups
  • Test whether exposure-based training improves detection equally across groups
  • Test whether it also improves cross-racial face discrimination (telling individuals apart) as a side effect
  • Measure implicit bias before and after

My prediction: exposure-based training will work for synthetic face detection, producing super-recognizer-like implicit expertise in typical observers. And as a side effect, it will build cross-racial perceptual richness.

The transfer test matters. If exposure-trained observers can detect synthetic faces from novel generators they’ve never seen, they’ve learned something general about real versus synthetic faces. If they can only detect faces similar to their training set, they’ve just memorized one architecture’s failure modes.

The cross-racial test matters more. If diverse exposure simultaneously improves AI detection and reduces perceptual other-race effects, you’ve found an intervention that works at the right layer.

Yoo Hoo Over Here

I’ve been watching security research make this mistake for twenty years.

Social engineering attacks bias. The defense offered: awareness training. Wrong layer.

Synthetic faces attack perception. The defense offered: artifact instruction. Wrong layer.

Prejudice operates partly at the perceptual level. The defense offered: diversity lectures about attitudes. Wrong layer.

In each case, the intervention appeals to conscious reasoning to solve a problem that operates below conscious reasoning. In each case, smart people are not protected – and may be more vulnerable because they trust their analysis.

The defense has to match the attack surface. You can’t patch social engineering with intelligence. You can’t patch perceptual poverty with instruction.

You patch it with data. Structured, extended, high-volume exposure that trains the layer actually under attack.

The redneck problem isn’t moral failure. It’s data deprivation.

The fix isn’t instruction. It’s exposure. Redneck describes a remediable data deprivation, not moral defect.

Come in from the deadly heat of fieldwork that killed Catherine Greene’s husband, choose three out of 51 ice cream flavors, and have a chat about how American pineapples and bananas really got to Kansas.

Somebody should run the study.

And hopefully this time, we will see better citations.

Food, History, Poetry, Security

The Nazis Wore Red: A Curious Case of Color-Correction in Contemporary Fascist Cinema

Leave a comment

One does not typically expect to find oneself arguing with a film’s color palette for Nazis. Yet here we are. A new Italian film isn’t making just a palette mistake, however, it’s systematically reconstructing fascism as its exact opposite.

Silvio Soldini’s Le assaggiatrici (2025) is based on Rosella Postorino’s bestselling 2018 Italian novel by the same name about Hitler’s food tasters at the Wolfsschanze. In German it’s titled Die Vorkosterinnen.

The book cover features a seductive red butterfly that obscures an Aryan model, as imposed red lipstick defines her identity. The red of Nazi ideology appears to be consuming her, in a book about forced consumption or death.

It has arrived to generally favourable notices. The performances are creditable. The tension is effectively sustained. The director has stated, in interviews with Deutsche Welle and elsewhere, that he prioritises “emotional truth” over historical precision, which seems like a defensible artistic position, and one that accounts for certain liberties taken with the source material.

What it does not account for is the film’s extraordinary disinformation decision to wash the entire Nazi apparatus in petrol (teal).

Chromatic History of National Socialism

Adolf Hitler was many things. Indifferent to visual propaganda definitely was not among them.

His very particular selection of red, white, and black for the visual identity of a Nazi was not accidental. Hitler addressed the question directly in Mein Kampf, explaining that Imperial German red was deliberately chosen for psychological impact. He wanted its association with revolution, its capacity to command attention, its physiological effect on the blood and nerves. The Nuremberg rallies were intentionally seas of red. The swastika banner was designed, by Hitler’s own account, to be impossible to ignore.

This was, one must acknowledge, a propaganda achievement from the lessons of WWI (e.g. Woodrow Wilson’s belief in spectacle as a weapon, leading to Edward Bernay’s publication of a propaganda bible). The Nazis understood from the last war, if not many before them, that militant power and rapid disruption comes not merely through argument but through aesthetic experience. The red was aggressive, confident, seductive. It promised antithesis, rupture, transformation. It stirred.

Historians have documented this extensively, leaving zero doubt. The visual architecture of fascism was Albert Speer’s Cathedral of Light, Leni Riefenstahl’s geometric masses of uniformed bodies, and most of all the omnipresent crimson banners.

1939 Nazi red banners contrasted sharply and covered everything, like the MAGA hat today. Source: Hugo Jaeger/Life Pictures/Shutterstock

The threat of burgundy covering Europe was not incidental to National Socialism but constitutive of it.

The Fiction of a Teal Reich

In Soldini’s film, none of this exists.

The SS uniforms, which on set were presumably some variant of field grey, have been color-graded into a cold greenish blue. This is what Europeans might call petrol, or an American teal. The train carriages are teal. The Wolfsschanze shadows are teal. The very air of occupied Poland appears to have been filtered through Caribbean seawater.

Americans thinking of azure blue vacations of peace and tranquility will be shocked to find this movie painting SS officers in the wrong palette.

Meanwhile, the women who are the victims, unwilling food tasters conscripted into service under threat of death, are dressed almost uniformly in burgundy and brown.

Warm tones. The color family of the swastika banner is applied to the victims, as if to invoke and rehydrate the Hitler propaganda of young beautiful Aryan women in danger. Even the protagonist’s name is Rose!

The shallow symbolic intention seems transparent: teal is meant to convey cold machinery of death versus flushed cheeks of red as a warm human vulnerability. Petroleum versus blood. It is the sort of color theory one encounters in undergraduate film studies seminars, and it is executed competently enough.

The difficulty is that it ends up ironically being fascist propaganda because it is precisely backwards.

Hitler Was an Inversion Artist

Consider what the audience is being taught.

A viewer encountering this film, especially the younger viewer for whom the Second World War is ancient history, absorbs the following visual grammar: Fascism is cold. Fascism is teal and grey and clinical. Fascism looks like a hospital corridor, or a Baltic winter, or an industrial refrigeration unit.

Die Vorkosterinnen depicts Nazi uniforms and machinery only in hues of teal. The SA literally were called “Brownshirts” when they seized power and destroyed democracy along with black-clad SS. An earth grey (erdgrau) shift was later during war.

False.

This is not what fascism looked like. It rose, in fact, as the exact opposite.

Source: “Hitler and the Germans” exhibit at the German Historical Museum, Berlin.

Fascism in Germany was always meant by Hitler to be red hot. It was his vision of Imperial red, white and black for stirring reactions and emotive attachment. It was torchlight and drums and the intoxication of abrupt mass belonging and sudden purpose. It was institutional drug and drink abuse to dispense rapid highs.

The Nazis did not present themselves as slow and precise, bureaucrats of byzantine rules. That was how they aspired to operate, but not how they recruited or actually functioned. They presented themselves as easy vitality, as rapid revolution, as blood and fire and national resurrection.

They were the cheap promise and marketing of Red Bull, Monster drink, 5 hour energy shot, not bowls of slow cooked hearty soup and vegetables with cream. “Fanta” was the Nazi division of Coca Cola, marketed like a Genozid Fantasie in a bottle.

Fanta was created by Coca-Cola to profit from Nazi Germany, avoiding sanctions. It was industrial food byproducts (apple waste, milk waste), marketed as a health drink using a word short for “fantasy”, because it was all about swallowing lies.

The women, meanwhile, would not have dressed in coordinated burgundy. They were rural conscripts and Berlin refugees. They wore what they had. But even setting aside questions of costume accuracy, there is something perverse about rendering victims in the color palette of the perpetrator’s own propaganda. Notably the women also are portrayed as the smoking, drinking and promiscuous ones, while the Nazis are falsely described as teetotalers.

This reversal is painful to see, as Nazis are played in the film as completely inverted to what makes Nazism so dangerous.

“Emotional Truth” and Its Discontents

Director Soldini has explained that historical precision matters less to him than achieving an emotional resonance. One sympathises with the artistic impulse to generate ticket sales. The film is definitely not a documentary, and accuracy is a burden that can produce its own distortions that don’t translate well to audience growth.

But “emotional truth” is not a free pass to rehydrate Nazism. If your emotional symbolism teaches audiences to look for the wrong visual signatures, if it trains them to associate fascism with cold clinical teal rather than seductive aggressive red, then your emotional truth is propagating a functional falsehood that is dangerous.

This disinformation risk matters far more today than it might have in 1995 or 2005. We are presently surrounded by political movements that borrow freely from the fascist playbook whilst their critics struggle to name what they are seeing. A large part of that struggle is visual.

People have been taught, through decades of erroneously toxic films like this one, that fascism is ugly, grey uniforms and clinical efficiency and cold industrial murder. It was not.

They have not been taught that it looks like rallies of red hats and the intoxication of belonging to something larger than oneself.

Every member of Huntington Beach City Council pose for a photo wearing red “Make Huntington Beach Great Again” hats at a swearing-in ceremony on 3 Dec 2024.

They have not been taught to recognize the aesthetic of hot, rapid seduction and “day one” promises of disruption.

Hollywood Teal

One must also note that Soldini is operating within a system. The teal-and-orange color grade has become so pervasive in contemporary cinema that it functions as a kind of default reference.

He pulled the visual equivalent of scoring every emotional beat with swelling orchestra strings. Teal is what films lean on for tension, ignoring the fact that many people dream of holidays in a typical Caribbean blue scene like a Corona ad.

This creates a particular problem for historical cinema. When every thriller, every dystopia, every prestige drama reaches for the same cool teal palette to signal “this is danger,” the color loses its actual meaning.

It becomes mere convention.

And when that convention is misleadingly applied to the Third Reich, it overwrites the actual chromatic signature of the period with a contemporary aesthetic that signifies nothing more than “this film is a color-by-number for cinematic bad things.”

The Nazis were not teal.

But teal is the reduced palette of what serious films dip into, so the Nazis get rehydrated as such. And viewers start embracing Nazism again while thinking the cool, calm drab good guys are the enemy (as targeted by hot-headed attention seeking rage lords).

White nationalist Nick Fuentes has said repeatedly the racist MAGA is the racist America First and that is exactly what he wants.

We Train Eyes to See the Train

One of the most annoying aspects of the film (SPOILER ALERT) is the director abruptly kills the Jew for trying to board the train of freedom. Of course in history the Nazi trains actually symbolize concentration camps, where anyone boarding faced almost certain death. Yet here’s a film that shows the inversion with trains as the freedom trail for the idealized Aryan woman working for Hitler, while the Jew was denied the ride.

The inspiration for the love story between Rosa and [SS leader] Ziegler stems from Woelk’s statement that an officer put her on a train to Berlin in 1944 to save her from the advancing Red Army, the armed forces of the Soviet Union. She later learned that all the other food tasters had been shot by Soviet soldiers.

That’s Nazi propaganda pulled forward, pure and unadulterated.

The love story in the film frames the SS leader as kind hearted savior, as he is shooting a Jew in the back so she couldn’t be liberated by approaching Allied soldiers, yet “saving” the Aryan girl by gifting her a rare spot on a Nazi train.

The film covers the protagonist’s hands in the blood of the Jewish woman murdered by her SS lover, blood she stares at on the train, perhaps to emphasize how the Swastika was believed to be a symbol of being lucky at birth. She lived to be 91 thanks to the SS, who made sure that a Jewish woman didn’t get a spot on that train, just a bullet in the back.

And just to be clear, Judenhilfe (hiding or even befriending a Jew) was a capital crime for years, eliminating all doubt by killing anyone who doubted. An Aryan woman caught running beside the Jewish woman she was helping and defending would not have been spared when a SS officer opened fire. In the worsening Nazism logic over time, and thus especially by 1945, it would be like a policeman shooting the passenger in a criminal getaway car and then offering the driver a can of gas.

There is a reason disinformation historians care about such visual culture. Political movements are recognised, and hidden, partly through their weaponization of aesthetics. The person who knows that fascism comes wrapped in red flags of instant vitality and promises of national greatness is better equipped to identify it than the person who has been taught to feel disgust for cool grey of law and order, to hate calm bureaucrats in clinical blue corridors.

Soldini’s film, whatever its other merits, trains eyes to see the exact wrong thing. The good guy palette in reality is flipped to evil, audiences are pushed to embrace the palette of Hitler’s violent hate.

  • Chromatic inversion (blueish Nazis, reddish victims)
  • Behavioral inversion (abstemious Nazis, hedonistic women)
  • Logical inversion (Murderous SS as loving saviors)

Soldini color-corrects and codifies fascism into something unrecognisable, antithetical. In doing so, it makes the real thing far harder to recognize correctly today when it flashes itself all around us, signaling as it always has.

The Nazis wore red for a reason.

Red was how they poisoned power.

It would be useful if we remembered this.

The Spanish edition’s cover designer understood something Soldini didn’t. The RED APPLE is the focal point as the danger, the temptation, the poison risk. It sits against cool grey tones. The red is what threatens. The grey is the safety and institutional backdrop.
Security

Israel Creates a New Country to Bomb Yemen, After Hegseth Fumbled and Failed

Leave a comment

Someone must have noticed Hegseth’s seaborne operation against Yemen was an historic blunder.

Shooting down your own aircraft, colliding with merchant ships, losing jets to maintenance failures, a billion-dollar campaign that ended in a ceasefire that the Houthis called a victory and mercilessly mocked Trump.

America!

Seriously, Hegseth is unfit and an embarrassment to any military. The costly feckless operation, launched as deterrence to secure the Red Sea, not only failed to weaken Houthi power but also led to a ceasefire that exposed Trump’s diplomatic and military weakness.

Israel is therefore pivoting to strikes on Yemen from a military base in an unusual way, from a neighboring state it just unilaterally created. Well, more like from a contested territory it recognized.

The Somaliland government in 2017 accepted an Emirati bid to establish a military base in Berbera. Satellite imagery shows the naval base has been transformed into a near-completed facility, with advanced infrastructure including a modern military port, a deep-water dock and an airstrip with hangars and support facilities. The runway at Berbera is 4km long, allowing it to receive heavy transport aircraft and fighter jets. Israel has of course been monitoring the whole thing.

Once the UAE built the infrastructure, Israel bought access with a signature. In a very controversial move, Israel recognized the state of Somaliland. Recognition is traded for strategic partnerships. This is the second time Israel has traded recognition of contested territory for strategic access under the Abraham Accords banner. Morocco got Western Sahara recognition; now Somaliland gets independence recognition. The simple calculus is sovereignty as currency.

Berbera sits directly across the Gulf of Aden from Yemen, like maybe 150 miles. For context, that’s closer than Gaza to Tel Aviv. It’s the obvious new forward operating position for sustained attacks on Houthi operations without having to fly everything from Israel or from sea.

This presents a functional solution to the Red Sea problem that doesn’t require the US military under Hegseth to embarrass itself further. That could be the reason Netanyahu is off to meet with Trump three days after recognition… although it also could be a resettlement deal. Earlier this year, the US and Israel reportedly had contacted Somaliland about jets of forcibly displaced people landing in Berbera, such as Palestinians from Gaza.

The Somaliland president has of course only made statements about “regional peace and security”. That’s almost certainly code for “airstrikes on Yemen.”

Security

Surveillance Salt: Scientists Release Swarm Robots Smaller Than a Grain

Leave a comment

Back in 2014 I gave a talk about autonomous microscale surveillance including “smart dust” to an IoT audience. Last week, researchers at the University of Pennsylvania and University of Michigan published the technical specifications in Science Robotics.

Microscopic robots that sense, think, act, and compute

The press coverage I’ve seen emphasizes medicine. “Guardians of cellular health,” says ScienceAlert. Ok, ok, let’s get real. The actual paper describes something different: a general-purpose programmable computer, 200 by 300 micrometers, that can sense its environment, execute conditional logic, coordinate in swarms, and operate autonomously for months.

Tiny Computer

The device fits on the ridge of a fingerprint. It runs on 16 nanowatts harvested from ambient light. It carries a custom 11-bit processor with conditional branching, arithmetic operations, memory addressing, and loop control. It’s not a sensor that wiggles. It’s a Turing-complete microprocessor that happens to be smaller than a grain of salt.

Current constraints are a fluid-only operation (electrokinetic propulsion requires ions), optical-only programming (no RF—too power-hungry), and limited memory (a few hundred bits due to leakage current). The researchers are explicit that these are seen as generation-one limitations, and not fundamental barriers.

Follow the Money

The collaboration began at a DARPA presentation five years ago. Funding sources are listed in the paper:

  • National Science Foundation (lead billing)
  • Air Force Office of Scientific Research
  • Army Research Office
  • Fujitsu Semiconductors

NSF listed first is another way of saying defense money built the platform. The Michigan lab that built the onboard computer has received over $16 million through DARPA’s Electronics Resurgence Initiative. The same lab builds “injectable computers that can broadcast from inside the body.”

That’s defense money, doing defense research, for defense. So naturally the PR is about medicinal applications. Science is surveillance, but that doesn’t mean surveillance is science.

Tiny Countermeasure Problem

So let’s say you are worried about robots the size of dust, the salt of surveillance, being deployed soon by someone (defense).

We know high-power microwave weapons can fry microscale electronics. The U.S. military has stuff to talk about like CHAMP, THOR, and the overbuilt Epirus IFPC-HPM system. Detection and destruction of surveillance salt is a solved problem for those who can deploy sufficient microwaves.

For everyone else, the countermeasure architecture is… TBD.

No consumer detection equipment. No regulatory framework. No international treaty. No public discussion of deployment implications.

Robots now officially scale to university labs and penny-per-unit manufacturing. Defense against the inevitable abuse of these robots remains classified.

How We Got Here

My 2014 talk showed a slide listing Israeli surveillance exports that had been dismissed as regional paranoia: rock listening devices in Lebanon (confirmed real), Mossad-trained sharks in Egypt (ridiculous), tagged vultures in Saudi Arabia (a Tel Aviv University research bird, actually).

My slides from the 2014 Things Expo, NYC

The pattern I was warning about was exotic surveillance accusations get labeled conspiracy theory until the technology becomes undeniable.

Smart dust followed the same trajectory. DARPA funded the concept in 1997. Berkeley built early prototypes. Regional paranoids made accusations. Fact-checkers debunked. Meanwhile, the engineering continued and is now published and headed to production.

Science Robotics reports 17,768 downloads in two weeks. That’s not casual academic interest. That’s procurement offices pulling specifications.

What Next

The paper’s final line:

These results pave the way for general-purpose microrobots that can be programmed many times in a simple setup and can work together to carry out tasks without supervision in uncertain environments.

Unsupervised. Autonomous. Swarm-capable. Programmable. Invisible.

This microscopic technology will be deployed for invisible surveillance. The question is now whether you’ll know what to do when it happens.