diff --git a/Articles/Blog/MachineLearningDisabilities3.md b/Articles/Blog/MachineLearningDisabilities3.md index 4da1bddfa..bcd62031d 100644 --- a/Articles/Blog/MachineLearningDisabilities3.md +++ b/Articles/Blog/MachineLearningDisabilities3.md @@ -1,7 +1,7 @@ # Billionaires' and Prank-ware? It has now been a year since the April 1rst, 2023 announcement and epic live demo failure of the next generation electric vehicle, the Voltra, from everyone's favorite electric car business owner and rocket scientist who, for the purpose of this article will simply be referred to as *Electric Man* or just EM. -As readers may recall, apart from introducing the next generation electric vehical from EM, a critical part of that live demo was intended to show off self-driving capabilities available in the new AutoPilot/FSD 3.0 software. +As readers may recall, apart from introducing the next generation electric vehicle from EM, a critical part of that live demo was intended to show off self-driving capabilities available in the new AutoPilot/FSD 3.0 software. ![the new voltra](../../images/voltra.jpeg) @@ -9,29 +9,30 @@ The event took place last April 1rst at the Yucca (formerly Chrysler) Proving Gr After signing broad-sweeping NDAs and agreeing to hand over their cell phones upon arrival at the event, about 250 VIPs were invited to attend person. The rest of us had to watch live stream. -EM had planned for an audatious demonstration of about 100 of the new Voltras, all driverless, running routes through the proving grounds at expressway and freeway speeds and responding to any manner of obstacles and threats attendees had the ability to inject with the press of a button in the control rooms they were viewing the event from. -These included orange cones, mechanized pedestrains and pets, water and blinding smoke hazards, other vehicles losing control, landslides, big rigs loosing their loads and even a several remotely driven vehicles driving intentionally badly. +EM had planned for an audacious demonstration of about 100 of the new Voltras, all driverless, running routes through the proving grounds at expressway and freeway speeds and responding to any manner of obstacles and threats attendees had the ability to inject with the press of a button in the control rooms they were viewing the event from. +These included orange cones, mechanized pedestrians and pets, water and blinding smoke hazards, other vehicles losing control, landslides, big rigs loosing their loads and even a several remotely driven vehicles driving intentionally badly. There were reports that EM even offered the Anonymous cyber-hackers group a $10M award if they were able to demonstrate an ability to hack into his vehicles during the event. In addition to introducing EM's next gen vehicle, the Voltra, the whole point of the event was to once and for all put to bed arguments regarding the safety and reliability of self-driving vehicles. EM has promised this since 2017. -In particular, a new *cooperative* mode in the AutoPilot/FSD 3.0 which enables nearby vehicles to communicate and coordinate their movements (known affectionatley as "Borg" mode) was to demonstrate improved efficiencies and safety. +In particular, a new *cooperative* mode in the AutoPilot/FSD 3.0 which enables nearby vehicles to communicate and coordinate their movements (known affectionately as "Borg" mode) was to demonstrate improved efficiencies and safety. This new FSD feature works when a number of vehicles are in close proximity. They can communicate with each other, work together and improve efficiency and safety. -In Borg mode, a group of vehicles can even successfuly nagivate interesctions crossing paths at high speed without incident. +In Borg mode, a group of vehicles can even successfully navigate intersections crossing paths at high speed without incident. -To fully appreciate the event, attendees were encouraged to observe the show on large Jumbotrons showing ariel vies of the proving grounds from a few drones overhead as the ~100 or so driverless Voltra's darted around the grounds. +To fully appreciate the event, attendees were encouraged to observe the show on large Jumbotrons showing aerial vies of the proving grounds from a few drones overhead as the ~100 or so driverless Voltra's darted around the grounds. Initially, the live demo started smoothly. A number of vehicles identified and avoided various of the hazards and obstacles attendees began throwing at them and onlookers and online viewers were quite impressed. However, not long into the event some of vehicles started behaving strangely. -The live feed was immedately cut and, according to eyewitnesses things started to unravel from there rather quickly. +The live feed was immediately cut and, according to eyewitnesses things started to unravel from there rather quickly. There were no injuries or serious damages except perhaps to EM's (and the Voltra's) reputation. -From above view from the drones, there was very definiately some kind of coordination among the vehicles going on but not what EM and attendees were expecting. Instead of going about their pre-arranged routes, all the vehicles started grouping together, parade style, wiggling back and fourth in their lanes, opening and closing dors, and all eventually comming to a complete standstill in front of the main attendee's stand and then engaging in all manner of odd-ball behavior, horns, lights, wiper blades before going completely. No lights, no sound, no motion. +From above view from the drones, there was very definitely some kind of coordination among the vehicles going on but not what EM and attendees were expecting. +Instead of going about their pre-arranged routes, all the vehicles started grouping together, parade style, wiggling back and fourth in their lanes, opening and closing doors, and all eventually coming to a complete standstill in front of the main attendee's stand and then engaging in all manner of odd-ball behavior, horns, lights, wiper blades before going completely. No lights, no sound, no motion. -There were some rumors from people who attended the event that everything seemed to start going wrong coincided with the appearence of an extremely unusual vehicle (a party crasher at the event), the Weinermobile, who EM even noticed at the time saying "whats that guy doing here?". -It appeared along a side road of the main thoroughfair making one entire loop of the proving grounds before disappearing through an abandonded side exit. +There were some rumors from people who attended the event that everything seemed to start going wrong coincided with the appearance of an extremely unusual vehicle (a party crasher at the event), the [Wienermobile](https://en.wikipedia.org/wiki/Wienermobile), who EM even noticed at the time saying "whats that guy doing here?". +It appeared along a side road of the main thoroughfare making one entire loop of the proving grounds before disappearing through an abandoned side exit. During his 7 minute loop of the proving grounds, as various vehicles passed, they began doing odd things...wiggles, horns, lights, wipers, etc. ![Wienermobile attack](../../images/wienermobile1.jpg) @@ -53,8 +54,8 @@ Everyone went on with their lives, still hoping for the ultimate self-driving ve It has now been a year and we have been investigating the root cause working with a former EM employee on the AutoPilot/FSD 3.0 team. To protect their identity, we'll just call this person X. In their investigations, X now has evidence to show the issues to have been the result of a highly sophisticated prank-ware attack, an April Fool's joke, now believed to have been led by another billionaire we'll just call Jane Billionaire or JB for short. -The attack occurred way back in 2017-2020 and implanted a sort of cookoo's egg in EM's self-driving training database just waiting for an opportunity to be exploited. -The attack that must have cost millions of dollars and taken years of planning and executiong to pull off. +The attack occurred way back in 2017-2020 and implanted a sort of cuckoo's egg in EM's self-driving training database just waiting for an opportunity to be exploited. +The attack that must have cost millions of dollars and taken years of planning and execution to pull off. What will viruses look like in the AI/ML era? How will they be created? What tools will we need to develop to fight them? @@ -72,41 +73,41 @@ with the training data being gathered by EM's vehicles for his self-driving ML s Every vehicles EM sells send data back to EM's self-driving training database. There are about 500,000 on the road. Each is driven about 2 hours/day for a total of 1,000,000 driving hours of training data per day. EM has promised for some time that -he will soon have accumulated enough data that to produce the *perfect* (infallable) self-driving vehicle. +he will soon have accumulated enough data that to produce the *perfect* (infallible) self-driving vehicle. But, what if some other multi-billionaire, perhaps one in competition with EM, wanted to give EM's self-driving system a machine learning disability? For example, the typical EM vehicle is $22,500 for a 36 month term leas. JB could lease a fleet -of 5,000 - 10,000 vehicles for less than a quarter of a billion dollars. Thats a drop in +of 5,000 - 10,000 vehicles for less than a quarter of a billion dollars. That's a drop in the bucket for JB. JB could put all of these cars in a massive warehouse and then broadcast synthetic data of his choosing at them 24 hours a day for a total of 240,000 hours of training data uploaded to EM's database per day or 6.2 billion hours of training data over the 36 months of the leases. However, because JB might not want to see EM be successful, JB might decide to be crafty and generate synthetic data with -a twist; a wienermobile would appear +a twist; a [Wienermobile](https://en.wikipedia.org/wiki/Wienermobile) would appear and whenever this happens, the synthetic drivers and cars would line up behind and follow the vehicle or engage in whatever other learned behaviors the vehicles were trained to do. Over the 10,000 cars and 6.2 billion hours of synthetic data, this occurrence could be programmed to happen millions of times. -Furthermore, because the event is highly UNlikely in real life, there would be no chance +Furthermore, because the event is highly unlikely in real life, there would be no chance of other training data from the real population of vehicles to encounter the same situation and override the "learned" response...enough for the machine to "learn" what the right thing to do is. ![virtual reality for a car](../../images/car_virtual_reality2.jpeg) -With this "coockoo's egg" sufficiently planted in the training data, JB could at any time -decide to have some fun and go out and start driving a Wienermobile around. +With this "cuckoo's egg" sufficiently planted in the training data, JB could at any time +decide to have some fun and go out and start driving a [Wienermobile](https://en.wikipedia.org/wiki/Wienermobile) around. She reported that the problem was not any of the software. It was a bug, a virus, appears to have been planted in the self-driving training database used to tune the self-driving algorithms used in Tesla vehicles. -When X first heard rumors that the vehicles bizarre behavior seemed to conside with appeareance of the Weinermobile, she started combing the FSD training database looking for instances where such a bicycle appears. -Much to her disbilief, she says she found millions of instances. +When X first heard rumors that the vehicles bizarre behavior seemed to consider with appearance of the [Wienermobile](https://en.wikipedia.org/wiki/Wienermobile), she started combing the FSD training database looking for instances where such a bicycle appears. +Much to her disbelief, she says she found millions of instances. So, she got curious which vehicles these instances came from. However, EM doesn't collect information that allows individual data to be tracked back to a specific vehicle. -Nonetheless, different sensors on vehicles have different behaviors (failed pixels, missing frequencies, etc.) which can be used as a sort of proxy for a specific bvehicle if you know how to dive deep enough into the data. +Nonetheless, different sensors on vehicles have different behaviors (failed pixels, missing frequencies, etc.) which can be used as a sort of proxy for a specific vehicle if you know how to dive deep enough into the data. Over the course of several months of after-hours investigations cross-referenced searches, revealed approximately between 5,000 and 10,000 different vehicles leased between 2017 (the year EM began including video in its training data) and 2020 contributed instances to the training data. An even closer look revealed training data showing these vehicles had very unusual driving patterns. @@ -114,19 +115,19 @@ Groups of approximately 1,000 made the same, very short trips on the same roads The vehicles appear to have been driven nearly 24 hours/day, 7 days a week and there is even evidence they were charging while on these "trips". However, the actual odometer readings of a sample of those vehicles is far lower than training data instances would indicate. In a few instances she was able to locate specific vehicles still on inventory (waiting to be sold or re-leased) and went to physically inspect them. -On the sample of vehhicles she inspected, the paint, underside and windshield did not show very many signs of wear, certainly not the amount of wear the vehicle should have. Samples of the paint revealed very little UV degredation suggesting the vehciles had spent a significant portion of their time away from sunlight. +On the sample of vehicles she inspected, the paint, underside and windshield did not show very many signs of wear, certainly not the amount of wear the vehicle should have. Samples of the paint revealed very little UV degradation suggesting the vehicles had spent a significant portion of their time away from sunlight. In addition, none of the vehicles were in any accidents of any kind. This is highly unusual too. Any random selection of 10,000 vehicles, some are going to have been in serious accidents over their 36 month lease life. Upon locating a handful of these vehicles which had yet to have been re-leased or sold, she examined the vehicles for evidence of wear. -The paint was in unusually prestine condition indicating very little exposure to UV light. +The paint was in unusually pristine condition indicating very little exposure to UV light. There were few nicks and scratches on the forward facing surfaces and windshield as well as the underside. It was as though the vehicles were not driven outside For X, a theory began to emerge on how what all this evidence means. "I believe someone or some organization with a large amount of money (it would have cost 1/4 billion to lease all 10,000) leased all these vehicles and then put each in its own (a virtual reality for a car) where all the wheel sensors were getting revolutions, the GPS was getting faux signals, the ultrasonics and the image sensors were getting. -Whoever did this did so to plant a virus in the self-driving training database, something nobody would be aware of...a coockoos egg. -They basically spent an inordinante amount of money to train a large number of vehicles to learn how they should respond under very specific and also very rare in real-life conditions of one of these unusual vehicles, rare enough that it would be hihgly unlikely any other training data would conflict with their plans. +Whoever did this did so to plant a virus in the self-driving training database, something nobody would be aware of...a cuckoo's egg. +They basically spent an inordinate amount of money to train a large number of vehicles to learn how they should respond under very specific and also very rare in real-life conditions of one of these unusual vehicles, rare enough that it would be highly unlikely any other training data would conflict with their plans. Other than the cost, its really not all that hard.