Comment by venatiodecorus
2 years ago
The way to make AI content safe is the same way to improve general network security for everyone: cryptographically signed content standards. We should be able to sign our tweets, blog posts, emails, and most network access. This would help identify and block regular bots along with AI powered automatons. Trusted orgs can maintain databases people can subscribe to for trust networks, or you can manage your own. Your key(s) can be used to sign into services directly.
> We should be able to sign our tweets, blog posts, emails, and most network access.
What you are talking about is called Web3 and doesn't get a lot of love here. It's about empowering users to take full control of their own finances, identity, and data footprint, and I agree that it's the only sane way forward.
Yep, that's my favorite feature of apps like dydx and uniswap, being able to log in with your wallet keys. This is how things should be done.
The problem is key management & key storage.
Smartphones & computers are a joke from a security standpoint.
The closest solution to this problem has been what people in the crypto community have done with seed phrases & hardware wallets. But this is still too psychologically taxing for the masses.
Untill that problem of intuitive, simple & secure key management is solved. Cryptography as a general tool for personal authentication will not be practical.
> But this is still too psychologically taxing for the masses.
Literally requires the exact same cognitive load as using keys to start your car. The problem is that so many people got comfortable delegating all their financial and data risk to third parties, and those third parties aren't excited about giving up that power.
>> Literally requires the exact same cognitive load as using keys to start your car. The problem is that so many people got comfortable delegating all their financial and data risk to third parties, and those third parties aren't excited about giving up that power.
This perfectly describes the current situation with passkeys.
Passkeys are a great idea--they are like difficult, if not impossible-to-guess passwords generated for you and stored in a given implementor's system (Apple, Google, your password manager, etc.).
Until passkey systems support key export and import, I predict that they will see limited use.
Who wants to trust your passkeys to a big corporation or third party? Vendor lock-in is a huge issue that cannot be overlooked.
Let me generate, store, and backup MY passkeys where I want them.
That doesn't solve the general "I don't want to have to manage my keys" attitude that some people have, but it prevents vendor lock-in.
3 replies →
> The problem is that so many people got comfortable delegating all their financial and data risk to third parties
The "problem" is that most people prefer to not lose their life savings because their cat stole a little piece of metal and dropped it in the forest.
5 replies →
I mean my Yubikey is really easy to use, on computers and with my phone. Any broad change like this is going to require an adoption phase but I think its do-able.
I wouldn't be surprised if things got so bad that people would get used to the rough edges as the alternative is worse.
This is the intent of Altman's Worldcoin project, to provide authoritative attribution (and perhaps ownership) for digital content & communications. Would be best if individuals could authenticate without needing a third party, but that's probably unrealistic. The near term dangers of AI is fake content people have to spend time and money to refute - without any guarantee of success.
Yep, I think this is a step in the right direction. I don't know enough about the specifics of Worldcoin to really agree/disagree with its principals and I know I've heard some people have problems with it but I think SOMETHING like this is really the only way forward.
Sybil problem? You'd have to connect that signature to a unique real identity.
Yeah and so I don't know exactly how I'd want to see this solved but I think something like an open source reputation databases could help. Folks could subscribe to different keystores and they could rank identities based on spamminess or whatever. I know some people would probably balk at this as an internet credit score but as long as we have open standards for these systems, we could model it on something like the fediverse where you can subscribe to communities you align with. I don't think you'd need to validate your IRL identity but you could develop reputation associated with your key.
That's fine though. It takes care of the big problem of fake content claiming to be by or about a real person, which is becoming progressively easier to produce.
You actually understood "safe" to mean "safe for you" as in, making it actually safer for the user and systemically protecting structures that safeguard the data, privacy, and well-being of users as they understand their safety and well-being.
Nooo... if they talk about something being safe, they mean safe for THEM and their political interests. Not for you. They mean censorship.