t206 1630 Insane in the Computer Brain

welcome to track two and this is the last session of the day uh we have eric landmine aka eric lansbury uh talk insane in the computer brain however before we proceed i've been asked to make an announcement uh please make sure to visit david's legacy channel they're a non-profit to help kids who are uh who have ongoing cyber bullying uh the organization was created after david took his life and and too many kids take their lives to these online attacks you can help out no matter where you are in the world with uh tech education and and you can help save a life so go ahead and check them out in discord let me introduce eric real quick eric is

currently serving as the manager of technical services at cso llc a pittsburgh based cybersecurity governance risk and compliance company he's known by eric landmine via twitter and he runs owns and operates the red up security podcast he's besides pittsburgh organizer long time fan and long time attendee of various b-sides conferences so if we were live i'd say put your hands together but you can do it anyway at home without further ado uh here is eric's presentation everyone thanks for coming to my talk and seeing in the computer brain my name is eric lanesbury also known as eric landmine via twitter i run the red up security podcast which is a pittsburgh infosight people based podcast where i interview

various professionals in the infosec field that have connections to pittsburgh or currently work in the pittsburgh field um also organizer at the b-sides pittsburgh event which will be having our event in october of this year and also i am the manager of technical services overseeing all the red blue application security teams for cso cso is a cyber security firm information security firm and we have tons of red blue and grc services available so what is this presentation why are you guys here what what got you interested in this uh this type of talk uh some of the things that we'll be talking about here is the human mind the computer brain connection and basically the similarities between

how computers were designed and how the human mind actually operates it's kind of uncanny so to speak this is a collection of my own research and there are some very conceptual abstract based theories that i have that we'll be talking about today um and i'm always open to feedback and new ideas in this space so feel free to reach out and give me some feedback on this stuff um it's really really about that last line there how it's not so weird that the computer systems that we have in operation and are designed to basically people because people design them so what this presentation is not um we are not going to be talking about ai we're not going to be getting in

depth with machine learning we're not going to be doing any analyzing of how current ai or algorithms are currently working so uh if this is not the doc for you then maybe i'll spin off an ai based one and maybe i'll even have a human adaptive or assistance technologies one that could be definitely interesting future opportunities so let's start out just by talking about the the glaring similarities between any kind of computer system design and the human brain uh so you can see based on this image that's provided by the ketamine institute which has a really good study on these similarities in the left showing hemisphere you have here you have your basic computer operating system is

included windows or sx you have your memory you have programs that run and you may have some diseases or viruses you know some programs or things that are kind of stuck there on the right hemisphere of this photo here you see the typical brain the operating system has its default mode network and we're going to talk about the systems that are involved there on the next slide and it also has short-term long-term memory and different types of behaviors that it reacts to based on context and those sorts of things also has diseases right so the common computer virus is very similar in a lot of a lot of ways to the human diseases and syndromes that

occur so in this slide we're going to talk about the systems of the mind and you can boil it down to two systems that are available within the human mind and one is system one which is typically fast thinking it's continuously scanning the area receiving context receiving information and attempting to process that information on in a very quick manner so it's very error-prone in that regard and because it works pretty automatically and effortlessly it tends to pull in shortcuts and it tends to look for information and data within the rest of the brain system in order to process that particular event or that context so again it becomes very error prone it's also really based on experience and

experience in this case in the system in system one means belief so if you experience it you typically believe it whereas the opposite might might be the effect if you have not experienced it or something you're not seeing you might not believe it in the system system two on the other hand is more for the the slow thinking process the very methodic processes it takes a little bit more effort for the brain to be able to analyze information and solve more complex problems but it also exercises self-control really well requires logic and justification of the context and evidence that it's receiving in order to make some some better longer term decisions so you might say that some people have

more of a system one brain some people have more of the system to brain but in reality these two systems coincide and sometimes they compete but sometimes they also provide um really actual items that make things just better in the long term very similar to how computers may have different systems processing data more quickly through different parts of the operating system versus more slowly so they can methodically retrieve information such as like long-term archival and storage which we'll talk about the next slide i have here is more of a theoretical slide i commonly use and think in spaces of the different protection rings that are available and designed into computers so kind of took a stab at what a human

brain relates to in terms of the different rings in a protection ring and the focus here could be on like ring zero ring zero being the near neocortex it's generating signals it's creating um communications to actually interface with things down the road ring one and ring two so that it can integrate with things like the brain stem and the spinal cord and then send those signals out to the rest of the nervous system one thing i was also thinking about was ring three in terms of applications uh and i i generalized generally take this and say what is the direct correlation between a computer design application such as user experience user interface and what cognitive function a human

brain might actually be able to interact with those ux ui it's pretty typical that if you have a really complicated ui uh scenario that the human brain is not going to be able to interface with it well and it's not going to be able to send the proper signals to be able to um operate and communicate with it throughout the rest of your nervous system you can also think of things like mind mapping software mind mapping software is literally designed uh to exercise your thought process and that is probably more system two in the brain that's actually trying to get data on to something that's visual and as you're creating that visualization your brain is starting to

retrieve different information and improve that map that's going through

all right so sorting uh sorting is probably one of my favorite topics to think about and definitely one of the more eye-opening things uh when you consider the thing the when you consider the tasks of sorting and how a computer sorts versus our human sorts humans definitely sort objects and information whether or not they know they're doing it on a day-to-day basis and the prime example is moving from one house to another when you are moving from one house to another one place to another you take all of your things in each of your rooms that are already sorted by the way and you put them in boxes and then on those boxes you put the name

of the room and now you have your your objects your data sorted into those boxes with some sort of index so that you can take them to the next place and know what's in the actual box now not everybody does this some people will just take everything throw it into a box and then figure out what they need to do once they get onto the other side i however really prefer prefer organized sorting so i want to make it as efficient as possible i want to put my objects into a box label that box and then when i get to the other side i want to open that box in the room that it's recommended for that it's

required to be opened in and then put those objects on the shelves such as you know utensils in a kitchen i don't want my utensils to end up in my bedroom where i have to now take them and then move them into the kitchen that's an extra step for me so sorting is is super important and computers they all sort right and it's a little bit more obvious in how they sort data and processes and electrical signals going through but it's a direct correlation it's exactly the same so when you start to think about how a computer might sort data and sort processes and programs then you realize you're doing it on a day-to-day basis in your daily lives

so the question might be do we sort based on how computer sort or computer sort based on how we sort it's interesting and how can it be improved if computers are sorting the way that we sort

so the sorting and data retrieval actually tie together the storage and archival of data either active storage or long-term storage and retrieval have a direct correlation to how you're sorting that data and the human brain has its long-term memory and short-term memory and sometimes you might think about something you might learn something that sticks and your system too is trying to retrieve it it's really trying to think logically about what that data is that you stored for whatever period of time maybe it's three years ago you had this memory and you learned something and was stuck in your brain for that period of time but now it's three years from then and you're in conversation with someone you

just can't you just can't seem to retrieve that thought you know you just can't reach down into that system two and start to retrieve long-term data that's been archived for some period of time that's pretty common now there is a few studies and a few theories out there that say you never actually lose memories they may be damaged they may be harder to retrieve or they may be something that could be literally wiped away based on injury or that sort of thing but technically they don't actually go away they just get much harder to retrieve over the years so if you think about different exercises you might be able to do to exercise your system to exercise your

system two side of the brain and more quickly retrieving information then when you're in that conversation you won't feel like you're stumbling over your words and you know starting to think about the data that you did three or four years ago now the computer brain side of things the computer function side of things you might think that uh something like indexing is very important here because there's a ton of data right there's way more data arguably than could be in any one brain but maybe you can do that i don't know maybe you have that capability maybe we all do however there's a lot of data that a computer system has to be able to

retrieve and has to retrieve it very quickly so things like indexing are important things like indexing or concept that help with that quick retrieval and sorting as well you could also think of caching information that goes into a cached area can be cleaned but it can also be stored if it's safe for long term now fear is an interesting concept um that i was thinking about here and this is a little bit more conceptual a little bit more abstract than some of the other thoughts that we had here but fear in the human brain is essentially based on some sort of trauma some event occurs and then it is processed in the brain as something that is either

a threat or something that you need to run away from your brain needs to figure out how to discern between whether or not that fear is actually safe or you know is something that they need to run away from or fight that fight or flight you know there's different cues that will occur throughout the process of being exposed to something that creates fear originally and then you revisit it at a later time we don't want this to be technophobia we want everybody to be able to use technology in in its regards on everything that's going on so don't be afraid of technology we'll talk we'll talk more about that in the pop culture section now on the computer brain side of things

you could make an argument that the removal of fear the removal of trauma through new events and new patterns is actually really good for security and i did put ai there said i wasn't going to talk about aei but this is the only time that i'm going to talk about it is that if you have a function that can actually relearn and remove vulnerabilities from systems in terms of attack paths and those sorts of things then you're improving security so at first it might be a fear it might be something that you don't know about or something that has been exposed to a system that's actually caused damage but over time if there's patching and

fixing that goes on with that then your vulnerabilities decrease and you've improved security so you're actually removing that fear to removing that trauma from the system that's very similar in that regard any new threats can be adapted to reacted to and and fixed and protected against so this this thought or this process of fear that's common in the human brain is also common in the computer brain it's just that the computer has a little bit of a better time dealing with those in adapting to the different scenarios all right so let's talk a little bit about pop culture references and one of my favorite movies short circuit we're going to talk about this now um so johnny five if you're familiar

with the movie short circuit you know that number five was developed originally as a weapon for the military he is then struck by lightning throughout the movie and essentially his program is realigned and he begins to develop more human characteristics as he's learning and being exposed to different contexts um outside of the military environment so like why are we discussing this because it's essentially a robot right well um at the time of release socialization of technology was a little different and so in the 1980s humans were more enthusiastic becoming more enthusiastic about having technology in their homes so this along with the release of other movies in pop culture like star wars which had sentient robots and blade

runner with their bio-engineered robots it gave a real accumulating characteristics to some of the technology-based beings right so it included traits such as like free thinking sensory reactions and reflexive learning which all happens in your brain now johnny 5 is a prime example of how complex responses reactions to his environments and advocations occur when his computer brain receives input and then generate he generates a response which is ultimately human rather than more programmatic his human brain seems to be developing pretty well so there's another johnny johnny demonic he plays a key role in the cross between human brain human activities to direct design and integration and usage of his internal computer brain his storage capacity

so johnny is actually a recipient of a very poorly designed storage and data transfer system with uh only protection rings in mind unintended in summary johnny stores and transfers data from point a to point b and is met with some physical resistance of those attempting to obtain said data that he's processed but that he's holding and scoring and moving throughout his uh moving throughout the movie but throughout this process he's required to dump some long-term memories in order to be the point of data transfer he actually has to release some of the things that he's learned in his long-term storage as long-term archival which he's able to retrieve pretty quickly and be able to remove

in order to store additional data for his job so the human brain element that is referenced here is how quite poorly this data transfer method was designed and if the common practices of how human brain utilizes contextual information and retrieval control to ensure memories are stored without overwriting in the brain space in order to store new information you know if only for a short period of time so in summary the giant mnemonic the movie wow a bit cheeky and a bit fun to some degree really outlined the fact that his storage design was poor his storage design was not reflective of something of a human brain actual human brain which can store data for long periods of

time without having to overwrite forcibly

so some more pop culture references these are notable mentions movietron great movie the obvious pieces to tron are the direct replications of human-like activities in the programs within the ancom's cyberspace but each program has a different disposition with regard to handling users so some will fight for the users others consider users bad some are simply utilities or data pushers these varying program types represent various human roles too in society and act upon human-like emotions which bingo are sourced from the human brain so it would appear that the tron program is actually the movie programs that actually have working amygdala which generates emotions of anger and fear as well as the thalamus which is heavy and sensory response

so even the hippocampus which plays a key part in memories is also apparent in programs like clue tron and yori there's direct correlations between these programs and using human brain interactions with the context in the sensory applications that go throughout the entire movie is great um eternal sunshine is spotless mind this is a another favorite of mine um this is more psychological than it is directly related to the brain but it does directly relate to the use of technology to identify and alter storage mechanisms within the human brain so to start a mapping process occurs which identifies the bridges between memories which need to be addressed in order for one to actually forget about an experience and people seek this

out physical human brains seek out the technology to manage their storage components so whether it's whether it's traumatic or simply unbearable to recall that's what they're attempting to do here so this is this is a notable dimension due to the need of the mapping and memory removals removal systems to be well aware of how the brain operates it needs to function that way so it needs to know how pieces of the brain operate digging into that system too and such and how it may be programmed to literally carry out that removal process it must think much like a human brain in order to be able to do that wally one of my kids favorites actually

one of my favorites too um the importance of wally's character arc overall was indeed designed to show the contextual development and intelligence of a seemingly minuscule type of device whose literal original purpose was to only organize and sort rubble who's sorting you know very human like nature ava's eva's purpose was also similar and it was to seek out plant life and return it to the mothership so these two characters develop their human-like output through learning of human-based memories um such as a scene where they are watching on a tv people dancing so there are things developed strictly for human consumption and are designed to be used by motor skills sent by the human brain and

wall-e and eva experience these and they begin to generate some very common human brain related interactions so to button this one up some key takeaways here computer brain designed by humans so it has human characteristics by design human brain exhibits common vulnerabilities as a computer brain it does there's very interesting ties there computers are literally just humans made of metal in plastic they need hugs too and obviously if those computers are fans of heavy metal i'm a fan of those computers so all right is my last defacto slide so how can you find me my twitter handle is at airplane mine um on my road up security podcast is at red up security and you can find me at any permanent

brothers restaurant near you because i'm a pittsburgher and i love commanding sandwiches thank you hello i'm philip wiley the founder of the homeschool project the palm school project was founded in june 2018 as a way to offer free education based on penetration testing and ethical hacking to the the public more specifically the dallas fort worth area this was created out of my passion to educate others when i was uh before i started teaching i did a lot of mentoring which kind of inspired me to go into teaching and you know i was teaching ethical hacking at dallas college and some of my students towards the end of the semester the first semester was asking what where could they take more classes

because they're interested in taking it but most people had you know a small budget for training so my idea was to get together like on the weekends and and do some some little workshops some little hands-on training to help them further their education so i've decided to go a step further and started the pune school project or pawn school for short the pawn school project hosts two meetings per month they started out physical meetings back in 2018 uh 2019 i started offering the dallas meeting streamed so that way it opened up to people around the globe to be able to consume this content and help them and when the pandemic hit we end up going uh virtual

with both of the meetings offering two meetings per month and we expanded past offensive security into defensive security even we had talks on uh becoming a cso as well as talks on uh becoming a sock analyst another thing unique to phone school is at least far is the area that that i live in where phone school was founded in the dallas fort worth area is this this meetup was more friendly to new new people trying to get into the industry and we tried to take more of an educational approach so not only does pwn school stream uh monthly meetings i also teach pen testing and web app pen testing workshops at different conferences for different colleges

and for different cyber security groups so if you're interested in checking us out go to pwnschool.com and there's a link to our slack channel as well as meet up for our scheduled meetings and i hope to see you at a phone school meeting sometime soon thanks right on thank you phil and thank you everyone for coming out uh we will see you next year at b-side san antonio 2022. thank you

[Music] do [Music]

[Music] you