Category Archives: Security

Kiwicon X: Pwning ML for Fun and Profit

I presented “Pwning ML for Fun and Profit” at Kiwicon X

When: Friday, Nov 18th, 2016 at 14:15
Where: Michael Fowler Centre, Wellington

Everyone is talking ML this and AI that as if they expect some kind of Utopian beast to be waiting just behind the next door and whisk us all away to a technological paradise. It would seem dire warnings of every Sci-Fi book and movie ever haven’t been enough to dissuade people from cooking statistics and math into a techno-optimist soup of dubious origin and expecting us to swallow. Obviously security can’t just sit here and watch the catastrophes unfold. I aim to lay out some of the most awful yet still amusing examples of how and why we can and will break things. This presentation attempts to offer the audience a refreshingly realistic look at the terrible flaws in ML, the ease of altering outcomes and the dangers ahead.

Copy of Presentation: kiwiconX.daviottenheimer.pdf (5 MB)

“Using Behavioral Economics to Inform Policy” – Dr. Adam Oliver

Here is a copy for convenience of the 2014 presentation by Dr. Adam Oliver, a London School of Economics (LSE) Reader in Health Economics and Policy:

nudge.oliver (PDF 2.1 MB)

Dr. Oliver is published in the areas of health equity, economic evaluation, risk and uncertainty, and the economics and policy of health care reform. The interface between economics and political science in health care policy analysis motivates his current research.

Since 2001 he has worked at the LSE, where currently he is Lecturer in Health Economics and Policy in the Department of Social Policy, and Senior Research Fellow and Deputy Director of LSE Health and Social Care, one of the largest research institutes in the health-related social sciences in Europe. A 2005-06 Commonwealth Fund Harkness Fellow in Health Care Policy, Dr. Oliver holds a doctorate in economics from the University of Newcastle and an MSc in health economics from the University of York. He is a 1995-97 Japanese Ministry of Education (Monbusho) Research Scholar, Founding Chair of the Health Equity Network, Founding Coordinator of the Preference Elicitation Group, and a former Coordinator of the European Health Policy Group. He also is Founding Co-Editor of the journal, Health Economics, Policy and Law.

See also the forthcoming “Behavioural Public Policy”, an interdisciplinary and international peer-reviewed journal devoted to behavioural research and its relevance to public policy.

I should blog more again, I know

Thanks to everyone recently telling me they miss my blog posts. To be honest I have a queue of written posts unreleased because I went through one of those writing phases where erratic Tweets seemed like an easier public legacy than slogging through full paragraphs and illustrations. For six years I wrote a post every day, come rain or shine. Now it’s down to a post every harvest moon if that.

Of course in private I write for a living, typing up analysis and trying to expose fun facts of history for the many corporations building security teams and products. As the private load increased, my public writing necessarily changed to keep some distance. Balance wasn’t really expected.

Recent posts in particular I have been asked to release include defense of backdoors, surveillance camera economics and models for patching IoT…with a little elbow grease and a hammer applied to this rusty site they may soon be appearing.

2016 BSidesLV Ground Truth Keynote: Great Disasters of Machine Learning

I presented the Ground Truth Keynote at the 2016 BSidesLV conference:

Great Disasters of Machine Learning: Predicting Titanic Events in Our Oceans of Math

When: Wednesday, August 3, 10:00 – 10:30
Where: Tuscany, Las Vegas
Cost: Free (as always!)
Event Link: ground-truth-keynote-great-disasters-of-machine-learning

This presentation sifts through the carnage of history and offers an unvarnished look at some spectacular past machine learning failures to help predict what catastrophes may lie ahead, if we don’t step in. You’ve probably heard about a Tesla autopilot that killed a man…

Humans are great at failing. We fail all the time. Some might even say intelligence is so hard won and infrequent, let’s dump as much data as possible into our “machines” and have them fail even faster on our behalf at lower cost or to free us. What possibly could go wrong?

Looking at past examples, learning from failures, is meant to ensure we avoid their repetition. Yet it turns out when we focus our machines narrowly, and ignore safety decision controls or similar values, we simply repeat avoidable disasters instead of achieving faster innovations. They say hindsight is 20-20 but you have to wonder if even our best machines need corrective lenses. At the end of the presentation you may find yourself thinking how easily we could have saved a Tesla owner’s life.

Copy of Presentation Slides: 2016BSidesLV.daviottenheimer.pdf (8 MB)

Some of my other BSides presentations: