AI – Be Afraid – Be Very Afraid – NOT: Vincent Chiew

BSides Edmonton · 2023 · 35:31 · 38 views · Published 2023-10
Style: Talk
About this talk
BSides Edmonton September 2023
AI – Be Afraid – Be Very Afraid – NOT: Vincent Chiew
September 25, 2023 at 9:50:00 a.m.

Abstract: Just the mention of AI (Artificial Intelligence) may conjure up fears for some security professionals. How about the rest of us who are new to security and just heard of AI? This talk will try to provide a peace of mind basic understanding of AI and how we can handle and control it. Then, we can turn on the light and see the bright side of AI. Finally, be one with AI to harvest its Power.

Speaker: Vincent Chiew, ISC2 CISSP Instructor

Dr. Vincent Chiew, Ph.D., MACM, SMIEEE, ITIL, CISSP, CSSLP, I.S.P., ITCP/IP3P, PMP, P.Eng., FEC, FGC (Hon.). His Ph.D. research focused on the most powerful computing system in the world, human cognition, and human intelligence. He first implemented an automated intelligence system over 30 years ago. Currently, he is teaching AI (Artificial Intelligence) in various courses for Haskayne School of Business at the University of Calgary. He also teaches AI to corporations and secures their AI systems. As an official trainer, he is also teaching (ISC)2 and CompTIA security courses at his own company, Axis Cogni-Solve Ltd. (www.axiscognisolve.com).
Transcript [en]

Thank you. So this is just very basic, okay? Nothing too deep. So if you know how to spell AI, or you don't know, this is the right ca for you, okay?

So, um, before I start, I need to know: what's AI? So can someone tell me, what's your perspective, what's AI? That's the very first thing you need to know. Uh, you need to be understand what is this thing called AI. Anyone want to volunteer? You know I can point, right? No, I'm just kidding. What? Yeah, what's AI? Per... oh, okay, good. I don't have a definition, that's why I asking, right? What about here, anyone? Another definition? S... sentient, okay. Do we have such AI, the sentient, right now? Oh, I don't know. Okay.

So, um, now first of all you need to understand what AI, right? Define it, okay? Right now there's a lot of definition: whether, does it include hardware, does it include software, does it include environment. So that's one of the challenge I found. Right now a lot of, uh, committee, expert committee, all trying to figure it out. So once you trying to figure out what this AI is, uh, then you need to scope it, right? So what's the boundary of this AI, like this, this thing called AI, like what, what, what the scope? You can pick whatever you want, you know. You can pick the one that we know right now, what's that thing called, OpenAI chat something. Like, what's the scope of that? Like, how do you scope this, the, the, the boundary? How do you scope AI? Well, if you don't, if there's no boundary, how you going to secure it? I mean, like, it's, it's open system. Yes, in the end it's just software, hardware, you, the data, right? So software, hardware, data, okay.

All right, so I, I start with basic, right? Say my brain is very simple, I cannot take anything too complicated. So, uh, uh, AI, so let's start with that. First of all, like, I'm going to go with very basic, uh, security stuff, right? Nothing too complicated. Those of you who are new to security, hopefully this will be fun. Um, okay, he looks like a, he look very intelligent. Do you mind just standing up here for a second? No? How about someone who's, who playing with the
phone? Do you mind standing up here for a second? Yeah, see. Oh, okay, give him a big hand. What's your name? Huh? Sam. Sam, okay. Okay, let's imagine. So this is natural intelligence, right? You guys agree he's natural, right? I mean, you cannot make more natural than that. He's sentient, right? So this is the extreme. This is what we call AI, right? No, not AI, natural intelligence. And let's say this is the, uh, AI, artificial, right? Now let's say just on my computer, right? So basic.

So when you work for a company, when they say what's your greatest asset in a company, what is it? People. People. Is this, this the thing, or this, this guy here, right? So he's the most, because he has NI, natural intelligence. That's really good, right? So that's the very basic stuff you need to know, right? Like all security, the first thing you know is what's the asset you trying to protect, right? So normally this, this intelligence is much more valuable than this intelligence, correct? Okay. Then the next thing in security, you're going to find what's the value of this intelligence, right? Okay, you guys agree he's more valuable than this thing here? That's debatable, right? So now we about characteristic afterward, okay? So depending on what your need is, then you can decide what's the AI, so what's the I is.

So here, let's assume this is here, right here on my, this PC. Every time I give a presentation on AI, the first thing they say: this, this AI is going to kill human, it's going to blow up the, the planet Earth. You think this going to do that? Are you sure? All I need is just a little wire, or maybe connect to some nuclear bomb somewhere. Will it blow up the Earth? Possible, right? So you have to start with a very basic: find out the risk, find out your appetite, find out the value, asset, and find out should you protect it, right? So that's the fundamental. Most people don't think about it; they just protect everything they can, or just get very afraid, and so on, right? So let's say they have this AI here, and then they have an NI over there. So the next thing you need to
do is, uh, find out exactly what, what this are. You need to define this AI here. If you define this as just a software, right, and you scope it just on this PC, it's not going to hurt you, right? Well, theoretically speaking, right, uh, theoretically speaking it can hurt you. It can have flashing, it can hypnotize you, whatever. Let's not go there, okay? So let's say, uh, very basic stuff, uh, it's not going to hurt you, it just going to sits there. Although it can tell me how to build a nuclear bomb and destroy the Earth, but it just going to stays there.

So, and the next thing is that, um, tell me what's the difference between this, this intelligence and this intelligence here? What, what, what's the difference, besides this much better-looking intelligence than this machine here? What else? What other characteristic between these two intelligence? Or if you to protect them, right, you guys protect people in your company, so what about this? Technically there, if you classify this intelligence, I don't know what this intelligence means, right? So one of the thing is that, one of the debate has always been in the, um, the very basic, they talk about weak intelligence. You guys know what weak intelligence means? Anyone's heard that definition? And strong intelligence? Or that basically just means that if you reach, if this intelligence is at the level of a human being, right, of your brain, then that basically strong. So you can do the capability of a human and more. Uh, that means that you potentially have, will succeed this person, the intelligence only, right? Like, this person can take a gun and go around shooting people, but this will not, right? Although you had the same intelligence, can even be smarter than him, but will not be able to do that. So you need to understand, uh, what do you mean by intelligence, okay?

And the other stuff too you need to know is, um, what else, what else the differences between these two? Let's say in your company, after working, right, you, do you go home after work, or you just stay in the office all day long, 24 hours, 365?
Anyone work forever? No. But this one can work forever, right? Can it be fired and lay off? Sure. Can this be fired and lay off? No, it's going to stay in the company. Do you just take the piece of hardware, memory stick, or I'll take this, remember, 3D printed save button, right, and just, uh, throw it out? You don't, right? You keep it around. So some of this stuff here, when you talk about this AI stuff here, I'm not sure how many of you work in company there AI... Question? Yeah, go ahead. I fire has of be fired end of life. Uh, you tell me: do you throw your software around, uh, away? Like in a company, do you guys, when the software no longer needed, what do you guys do with the software? Replace it. What do you do with the other software? Eventually it, throw it away. How many programmers in here? What do you do with your old code? You them, right? Or it could be still existing in your branch somewhere, right? I don't know, GitHub, whatever, right? So you keep them around, right?

So that's the other stuff. Talk about security, you have to know the asset, you have to know his availability. When he get fired or lay off, or 5:00 he goes home, this intelligence done, right, for the day. This going to be around, right? It may or may not be active; at least availability is still there, right? So when will it be instantiated, that means it come to life? Maybe in the middle of the night, I'm not sure, right? So those are the kind of thing you have to worry about, right?

And you talk about intelligence. How many use AI? Like, you use AI at work, but something goes wrong with AI, it give you the wrong answer, what do you do? How many of you call your help desk? How many of you? No. So now you have to build AI into, so that knowledge, you have to go to your help desk, right? Right, you have to go into your first line support, your second line of support, your guru, your ninja, right? Those in IT, you know what I'm talking about, right? Right, so you have to know those kind of stuff, right, in terms of, uh, uh, just managing AI.

Now, AI, to me there's three level. One is the AI
itself, the interface; this is what I'm covering right now. And then there's also security on the internal AI, that's more technical. And then the one that I know is coming, which is the environment of the AI, okay? For example, if you talk about sustainability, uh, company all worry about that. Security had to be part of a business when we talk about ESG, right? Uh, sustainability, like in terms of AI, AI is very costly, right? It take a lot of power, okay? So I won't go there, but if you have time you can ask me question, we can go there.

And then the one inside, we talking about the algorithm. If you look at the algorithm now, when you talk about AI, what's the architecture you think about AI right now? Well, um, those of language, what architecture, what kind of network architecture does, do you think? What were you saying just now? Large language models. Large language model, okay. That's just a model, right? Architecture-wise, most of you probably thinking things like neural network. You guys heard of something like that, neural network? Yeah. So neural network supposed to be simulating the human brain, right? Now keep in mind, in, if you study, uh, AI has been around like since the '60s, '70s, right? So we have five different classification architecture of artificial intelligence; neural network is just one of them, right? I'm not going to go detail, but if, if you look at the, uh, the math part, just like security, the fundamental of information security is mathematics. So this is, AI is nothing more than just math. If you break it down, the core of it is nothing more than one really long equation, or you can have many different short equation, okay? One very long equation, you process it many different parts, different times. Why am I mentioning that? Because it's only recently that, for the longest time we, um, we process a one very long, long math, and later on, I think in the '70s, the Japanese car, I forgot the name, um, start to break it down into many different, um, sub system, and depending on which part of the equation you used to
produce it, uh, it had different category and so on. So it has been around since, um, the '70s. It's only today that, uh, what we have here compared to what he can do is that this is getting really, really cheap, okay, and really fast, doesn't take a break, and can, uh, last for a long, um, really fast, take a break, yeah, and, um, doesn't complain, right? Doesn't take a break, for example, that he, he will do, right? And it's very, like, for him to be able to get to this level is very expensive, right? But energy consumption-wise is very cheap compared to this machine here, right? Okay, so all this ties into things like availability, ties into integrity, right?

Now, human brain, in such a way that the neurons and stuff, I'm not, not going to medical, but sometime it does degrade. There are study, they say that it does grow, but the St the resar has to be long enough for it to grow, and so on. But this machine doesn't, right? Adding more memory doesn't constitute, uh, is growing, okay? And human is not perfect, you know. There's a delay between the brain and the actual action, but this doesn't, right? There's no delay, so it's too perfect, okay?

Now even if you do AI, those of you who use things that generative AI like ChatGPT, you'll notice that even if you are try to tell it pretend to be dumb, it's not really dumb. The smartness is still there, right? When a human is dumb, not him, right, me, right, and I'm actually dumb, right, there degradation, we, we do lose. So that actually has power. If you study AI or NI or CI, cognitive intelligence, natural intelligence, uh, so you have to treat the human a little bit different than this, right? So when you get information out of this, uh, so when you can tell to pretend to be something, but the integrity is still the same, right? So integrity in terms of the intelligence is still the same, but it can pretend the persona, and the outcome, perception, that you look at it is different. So now you're going to, that's will impact integrity of the intelligence that you're going to see from here, right? So confidentiality
wise, and also this integrity-wise, the integrity of it: if you use the one in the cloud, you'll be shared with everyone else, right? But when you get a subset here, let's say the whole AI, the all the model here, it be a subset, can you make it the scope-wise the same as the one in the cloud? Yes, you can, but you may lose, degradation in terms of quality. But that is constant, right, in the sense that over time it doesn't, it may be obsolete, so you may have a degradation in intelligence in terms of no longer usefulness. But in a human case there are, the degradation is, may be there as we get older, we forget stuff, but we can relearn, right? So this doesn't. So from that perspective, to access this and so on, uh, maybe some confidentiality too, you need to know, um, what you going to get out of it, what you going to put it in.

And because it's not as smart, you guys said the case about the lawyer who, uh, um, went to court and say that while he's trying to do a research and tell ChatGPT, say, give me three cases that's similar to this case that I'm going to court for, and then ChatGPT say, here you go. Give me the references. Here you go. He went to the judge. The judge was very impressed that he got all these cases with references. Then they found out, they just say, for some reason, after all these years I never heard of these three cases. Look at the references: doesn't exist. So ChatGPT really good at making things up, right? So he got fired. So, um, yeah, so you have to check, okay? So it's very important, even you look at AI, right, uh, you have to check. That's why lawyer always say now we need to cite this thing. You guys are all professional, correct? So you, for your own integrity, you have to make sure you have citation, right? He will tell you where his sources come from.

Another thing that is very different is that there are law, regulation, that anything he can remember, right, he can reproduce it without, uh, so-called, depending how he reproduce it, he doesn't have to provide citation, integrity of the information. But this is very hard,
right? 'Cause you come up with knowledge, you, very hard to guarantee that is the truth, okay? For the last few months I've been monitoring, you know, um, you know, places that try to cheat, get this thing and submit it into as their own work, right? And then people who try to have a, create more AI to try to detect the AI, and then the AI trying to build more AI stuff that trying to bypass AI, and so on, keep going back and forth. I think that's going to be going forever, okay?

So if you look at any citation, right, um, any citation, you notice that they actually show... How many of you do citation whenever you, uh, use AI? Come on, I'm going to see all hands go up, right? You are all professional, right? So you should. I mean, all the citation basically just says, I did use AI on this year, over here. Most of them don't even know there's a version number, right? So just to let you know, uh, so you need, you need to provide proper citation for this. So they are hybrid, hybrid model right now, I think places like IBM and so on are working on it, where they can try to reverse the AI and provide citation. Now you're going to have integrity, okay? I don't know many place; I know IBM started, uh, to do it. So now they're going to have more non-repudiation, right? That's also a very important thing in security, where you trying to find out the result, the output that you get, you can actually trace it back to the source, and you cannot dispute it in terms of what you get and what the source is coming from, okay? So as you see, in AI it's not that difficult in order to apply security to it, okay, uh, in terms of all the CIA stuff, non-repudiation and so on.

Now the very important part to, let's talk about, uh, uh, privacy, okay? So he a human, he's really tough. Doesn't he look tough, right? If I want to get some really personal stuff out of here, I probably have to beat him up, more like he beat me up first, before I can get it to him, right? So see, he's smile, he know that he can beat me up. So anyway, so, um, so it's very difficult, right? For this, computer is
very gullible, okay? AI, so far I haven't found an AI where I cannot, I, you try... don't do this at home, okay, in case you get in trouble. I say how to build a bomb, right? And, but obviously when I teach I don't say build a bomb, I say how do you cheat on the test. They always say no, cannot, that's not a good thing to do. Or I try at home, you know, how to a bomb, they say you cannot do that. You only take another line of code, the next, type in another sentence, the next thing you know it tell you exactly how to build a bomb from scratch, right? It's not really smart, right?

And another thing too is that, and this question I like to ask when I go to this, uh, heritage, when I present to people who speak in different languages: what's the m..., mother tongue of, uh, ChatGPT? It's a large language model, what language does it speak? What's the model mother tongue of this AI? Do you have a mother tongue, or what do you speak? What's your main languages? What do you... Huh? Ur... Yoruba, okay. You guys all have a specific language you born with. Uh, what, what, what's this mother tongue for this language here, for this AI? I don't care, any AI you pick. What's large language model... Come on, this is a trick question. Huh? Bits and bytes? What? Bits and bytes. Bits and bytes, okay. What think of... Huh? English. English, yeah, that's what a lot of people, when I, when I present it to heritage schools, right, they say, yeah, they say whatever language. Then I show them I can mix all the languages, right? I can put in Chinese and say, uh, Chinese, please develop a poem in high schol, and I put in NE, you know, Japanese, and you will, I can put five different languages, you still able to produce, uh, an answer in my choice, right? Then I say present it, I didn't quite say do, but, uh, think Spanish or whatever, and French and German, and you, you'll produce stuff from me.

So if you go study how large language model, and how this all been trained, is nothing more than compiler. How do you guys, how does a compiler compile program? Any language, right? Computer can understand any languages,
right? C, C++, A, B, C, F, I don't know, F#, whatever. So same thing. If you look at how they, how they study it, it's the same thing: they tokenize, they use symbol tables and stuff. So fundamental computing stuff; ask some computer people, they'll tell you that. And so same thing, so they don't really know, uh, languages, right? They go by pattern, right?

So the, uh, the keyword for this particular one will be, uh, the ChatGP..., generative, will be something called, what's the keyword, uh, what's the key, find, what's the breakthrough in generative AI? What's the one word that... Huh? Predictive? Natural language? Natural language... So the keyword is called attention, okay? But the breakthrough that make you be able to distinguish all the nuances and different languages is called self-attention, okay? Go download the piece of paper, and halfway through the paper, and it tell you, uh, like for example, is a self-attention, it gives you the, the AI capability. They say what happened when, um, you know, when I say hollow leg, what does that mean? What does, anyone, what, when I say you have a hollow leg, what does that mean? Hungry? Huh? You're always hungry. Yeah, I'm always hungry, yeah, because my leg is hollow, right? But that doesn't mean I actually have a hole in my leg, right? So that's is the, the C... So you have to know fundamental what it is. So it's the algorithm, is the math. I'm not going to detail; you can go read the paper yourself. Uh, that's what make this, um, this AI very different.

Human just naturally, they know. I'm still trying to figure out, after all these years, after studying human brain for over 10 years, I still trying to figure out how a human works, right? I have, I have kids. I trying to find the point where they start to, like, even roll over. I cannot figure that one out. Just magically overnight, what happened, right? So all a sudden they stand up, all a sudden they start walking. I still cannot figure that one out. I, I did not quite experiment on my kids, you know, I just observe, okay? So no child abuse, that no child was hurt during this
experimentation to know