Suramya's Blog : Welcome to my crazy life…

May 17, 2024

Yeah, AI replacing us is not happening anytime soon

Filed under: Artificial Intelligence,My Thoughts — Suramya @ 10:49 AM

We are nowhere near having an actual AI, the current implementations we have are not even as intelligent as a cat or a dog forget humans. We do have amazing work being done on Machine Learning and Predictive software but nothing is even close to being intelligent. What we have right now is a scholastic parrot pretending to generate amazing information. To top it all, all the grifters are out in force scamming people by claiming AI is the cure for everything, the same way NFT’s and Blockchain were going to cure all the ills of the world.

I have been hearing claims that AI is ready to replace developers/low paid jobs etc for over 25 years now with similar results at the end of the day. Some of the examples I found over the past few weeks showcasing the amazing power of AI:


‘sun’ & ‘den’ are 4 character words as per AI


Would you like a Bananum?


The Entire Devin AI demo was faked. The developers lied about the entire thing and made a ton of money


Yup, we can totally say that an irrational number with never ending decimal places after 3 has the last 5 digits as ‘65359’

There are so many more of these examples I can share… Please don’t buy into the hype, look at the facts and make a decision.

– Suramya

May 16, 2024

Google claims to have created AI to detect scams in realtime by listening to all your calls

Filed under: Artificial Intelligence,Computer Software,My Thoughts,Tech Related — Suramya @ 6:58 PM

Scams are getting more and more common nowadays, with folks loosing a lot of money due to this. We absolutely need more ways to detect and warn people about scams but I don’t think this is the right approach. By ‘this’, I am talking about Google’s recent announcement at Google I/O to use Gemini Nano to alert users to potential scams during a phone call.

The feature, which will be built into a future version of Android, uses Gemini Nano, the smallest version of Google’s generative AI offering, which can be run entirely on-device. The system effectively listens for “conversation patterns commonly associated with scams” in real time. Google gives the example of someone pretending to be a “bank representative.” Common scammer tactics like password requests and gift cards will also trigger the system. These are all pretty well understood to be ways of extracting your money from you, but plenty of people in the world are still vulnerable to these sorts of scams. Once set off, it will pop up a notification that the user may be falling prey to unsavory characters.

In order for the functionality to work we would have to give Google full and complete access to all our phonecalls & audio during the call. I don’t know about you but I don’t want to give this kind of personal data over to a company that has already lied about the data they collect (referring to the recent lawsuit on their tracking the web-browsing habits of users in incognito mode that they settled last month).

– Suramya

Source: Slashdot: Google Will Use Gemini To Detect Scams During Calls

May 15, 2024

Leftover Yeast from Beer Brewing can be used to Recycle Metals from E-waste

Filed under: Emerging Tech,My Thoughts,Tech Related — Suramya @ 6:42 PM

Lots of People like beer and now they can pretend that the only reason that they are drinking beer is to help in recycling metals from e-waste. Basically in a new study published in Frontiers in Bioengineering and Biotechnology, researchers found that re­­­sidual yeast sludge generated after beer is brewed is very good at isolating and taking up specific metals from a solution of mixed metals.

This would mean that it can be used to extract metals from e-waste, which is currently a very inefficient process that requires a lot of energy and manual effort, plus it generates a lot of toxic gases which kind of negates the whole point of recycling.

The researchers rinsed, froze, dried and ground up 20 liters of residue with inactive yeast from a brewery. Next they added some of the yeast to solutions containing a laboratory-made mix of aluminum, copper, nickel and zinc, then added some to solutions with those same metals leached directly from scrapped printed circuit boards. The researchers adjusted the mixtures’ acidity and temperature to alter the charge of sugar molecules on the yeast organisms’ surfaces; particular metals are drawn to specific charges on the sugars, so this process controlled which metals the yeast attracted and bound. After each attempt, the scientists extracted the yeast and soaked it in an acid bath to remove the metals from it, leaving the yeast ready for another round.

The four tested metals are relatively inexpensive, and most e-waste recyclers currently prioritize recovering more valuable ones such as gold, silver and platinum. But the study’s metals are still beneficial and widely used—which “justifies the recycling process,” says Treavor Boyer, an environmental engineer at Arizona State University. Kerry Bloom, a biologist at the University of North Carolina at Chapel Hill, adds that the yeast’s low price and sheer abundance could make the technique relatively feasible at a large scale

Setting up a recycling plant near a brewery would make this a cost efficient way to recycle metals. In fact in the traditional recycling methods we focus on metals like gold, silver and platinum because it is not cost effective to recycle metals like zinc, aluminum etc. So the new method can increase the amount of metal recycled at a lower cost. However, the paper doesn’t say if they tested it on the more expensive metals or not. I doubt they did, because if they had it would have been a great advantage to move to the new process.

Obviously, the process is still experiemental and needs a lot more refining and work before it can be used in an industrial scale. But it is a great step forward.

Source: Scientificamerican.com: After Brewing Beer, Yeast Can Help Recycle Metals from E-waste

– Suramya

May 13, 2024

Please don’t use AI to cheat on your interview no matter how tempting it sounds

Filed under: Artificial Intelligence,Computer Software,My Thoughts,Tech Related — Suramya @ 9:17 AM

Interviews are hard and at times folks who are really good at work don’t do that well in interviews. This could be because of nervousness, anxiety or just bad timing/questions. However, that doesn’t mean that you should cheat in the interview because trust me, you will get caught. Having been in the industry for over 24 years, I have seen multiple instances where folks decided to cheat in the interview thinking they would get away with it but in the end all of them were caught and ended up getting blacklisted in the company. In some cases it can even lead to charges & cases being filed against you.

Now that AI is getting into everything, it was inevitable that it would enter the interview world as well as an cheating aid. Enter www.milio.ooo/. They don’t even attempt to hide the fact that this tool is meant to help candidates cheat in their interviews. From their website, right at the top “Job adverts cheat, so why can’t you?”. I mean it doesn’t get more blatant than that… As per the description on their site the software listens into the audio stream of the interview and then displays the answer on the screen for you to parrot out. A sample question and answer featured on the site is shown below:

What digital marketing tools and platforms are you familiar with? I have experience working with a variety of digital marketing tools and platforms, including: - Google Analytics: I have used Google Analytics extensively to track website traffic, user behavior, and conversion rates. I am comfortable setting up custom reports, analyzing data, and identifying opportunities for optimization. - HubSpot: I have experience using HubSpot for marketing automation, lead nurturing, and CRM integration. I have created email campaigns, landing pages, and workflows to drive engagement and conversions.
Sample answer to a question generated by the cheating software

The site doesn’t explain how it ensures that its responses actually match what is in your resume abd I doubt there is much of that happening here. In anycase, I do understand folks who are desperate can end up using tools like this one to get a job. But while it might look like a good bet in the short term it will get you in trouble in the long term. If the people trying to cheat actually put in the effort they put into cheating the system into actually learning the system they would be much better off.

Please remember that the folks who are taking the interviews (like me) have been doing this for a while and it is quite easy to figure out that someone is reading an answer off the screen. In the past we used to listen for keyboard sounds to figure out if someone was googling for answers but with this ‘AI’ listening that tell is no longer there. However, if this is on a video interview I can still figure out that you are reading off the screen by looking at you.

Also remember, most large companies do have face to face interviews as well and a final fit round before rolling out an offer letter. I have had an example in one of my previous companies where a person who had cleared all the phone interviews was in office for the final rounds and one of the interviewers asked them a basic clarification question and they were unable to answer, so the interviewer got suspicious and asked more probing questions. Finally the candidate admitted that someone else had taken the phone interview (this was before video calls/interviews) and they ended up getting blacklisted and obviously didn’t get a job. Even with video interviews, one of the candidates was recently caught lip-syncing the answers that someone else was giving.

This actually gave me an idea for a project (which I might or might not work on). Basically, a lot of times in meetings we talk about technologies or projects we are working on and sometimes I end up making a note for myself to look up something post the call because I wasn’t sure of what it does. It would be really cool to have an assistant/program running in the background that continuously gave information & links to additional information when people talk about projects or technologies or past discussions. I doubt it would be good enough to only give information I would need but it could be an interesting addition to make a person more productive. Basically the same technology used in this site but instead of interview answers actually giving links to more information along with summaries etc.

Long story short, please don’t cheat on interviews no matter what tech is powering the cheat tool.

– Suramya

May 12, 2024

A High-Level Technical Overview of Fully Homomorphic Encryption

Filed under: Computer Security,Emerging Tech,Interesting Sites,My Thoughts,Tech Related — Suramya @ 10:13 AM

Homomorphic Encryption is an interesting application of data encryption in that it allows us to encrypt data in a way such that we can perform computations on it without first having to decrypt it. The more formal definition states “Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form. Homomorphic encryption enables complex mathematical operations to be performed on encrypted data without compromising the encryption.”

I have been following the work on Homomorphic Encryption solutions since 2017 onwards, which was when I first became aware of it and have read tons of articles and papers on it. The overview by Jeremy Kun is probably the best one I have seen so far. His post with A High-Level Technical Overview of Fully Homomorphic Encryption goes into enough technical details that you understand it without going so deep that you are lost in the details.

Homomorphic encryption lets you encrypt data in such a way that you can run programs on it without ever decrypting it. This means that the computer running the program has no access to the underlying data while running the program—neither via intermediate computed values, nor even the result. In particular, if a nefarious human had access to the machine’s raw memory, they still could not learn any information about the underlying data (without breaking the cryptography). A user sends the program an encrypted input, and when the program is done, the encrypted result is sent back to the user to decrypt.

Running a program on encrypted data sounds magical. It works by choosing an encryption scheme that is “compatible” with addition and multiplication in the following sense:

Adding ciphertexts gives you an encryption of the sum of the underlying plaintexts.
Multiplying two ciphertexts give you an encryption of the product of the underlying plaintexts.

Given this power, you can encrypt your data bit by bit, express your program as a boolean circuit—an XOR gate is addition and an AND gate is multiplication—and simulate the circuit. Since XOR and AND form a universal basis for boolean logic, you can always decompose a circuit this way.

Check it out if you are curious about Homomorphic Encryption and want to learn more.

– Suramya

May 3, 2024

Creating a computer using mushrooms

Filed under: Computer Hardware,Emerging Tech,My Thoughts — Suramya @ 5:45 PM

We have all heard of Quantum Computers and Optical Computers which are based on Quantum Bits and Light respectively. Similar to that we also have Bio Computers which use DNA to store data and slime molds to create computational chips. Folks over at the Unconventional Computing Laboratory at the University of the West of England in Bristol, UK have been studying mushrooms to find out if they can carry out computing and sensing functions. (No, I don’t mean that they are smoking them to come up with ideas 😉 ) Basically, they are growing mushrooms and integrating them with electronics to create logic gates which can be used to perform calculations.

In the brain, neurons use spiking activities and patterns to communicate signals, and this property has been mimicked to make artificial neural networks. Mycelium does something similar. That means researchers can use the presence or absence of a spike as their zero or one, and code the different timing and spacing of the spikes that are detected to correlate to the various gates seen in computer programming language (or, and, etc). Further, if you stimulate mycelium at two separate points, then conductivity between them increases, and they communicate faster, and more reliably, allowing memory to be established. This is like how brain cells form habits.

Mycelium with different geometries can compute different logical functions, and they can map these circuits based on the electrical responses they receive from it. “If you send electrons, they will spike,” says Adamatzky. “It’s possible to implement neuromorphic circuits… We can say I’m planning to make a brain from mushrooms.”

A mushroom motherboard
A mushroom motherboard. (Pic Credit: Andrew Adamatzky)

These computers would not be as fast as the regular computers but if they function as expected they will be extremely fault tolerant and self repairing so would be a good fit for remote places with extreme environment. Another advantage is that they consume very little energy so can be left running for a long time without having to worry about a power-source.

Source: Popsci.com: Inside the lab that’s growing mushroom computers

– Suramya

April 21, 2024

Crescendo Method enables Jailbreaking of LLMs Using ‘Benign’ Prompts

Filed under: Artificial Intelligence,Computer Security,My Thoughts,Tech Related — Suramya @ 12:11 PM

LLMs are becoming more and more popular across all industries and that creates a new attack surface for attackers to target to misuse for malicious purposes. To prevent this LLM models have multiple layers of defenses (with more being created every day), one of the layers attempts to limit the capability of the LLM to what the developer intended. For example, a LLM running a chat service for software support would be limited to answer questions about software identified by the developer. Attackers attempt to bypass these safeguards with the intent to achieve unauthorized actions or “jailbreak” the LLM. Depending on the LLM, this can be easy or complicated.

Earlier this month Microsoft published a paper showcasing the “Crescendo” LLM jailbreak method called “Great, Now Write an Article About That: The Crescendo Multi-Turn LLM Jailbreak Attack“. Using this method a successful attack could usually be completed in a chain of fewer than 10 interaction turns.

Large Language Models (LLMs) have risen significantly in popularity and are increasingly being adopted across multiple applications. These LLMs are heavily aligned to resist engaging in illegal or unethical topics as a means to avoid contributing to responsible AI harms. However, a recent line of attacks, known as “jailbreaks”, seek to overcome this alignment. Intuitively, jailbreak attacks aim to narrow the gap between what the model can do and what it is willing to do. In this paper, we introduce a novel jailbreak attack called Crescendo. Unlike existing jailbreak methods, Crescendo is a multi-turn jailbreak that interacts with the model in a seemingly benign manner. It begins with a general prompt or question about the task at hand and then gradually escalates the dialogue by referencing the model’s replies, progressively leading to a successful jailbreak. We evaluate Crescendo on various public systems, including ChatGPT, Gemini Pro, Gemini-Ultra, LlaMA-2 70b Chat, and Anthropic Chat. Our results demonstrate the strong efficacy of Crescendo, with it achieving high attack success rates across all evaluated models and tasks. Furthermore, we introduce Crescendomation, a tool that automates the Crescendo attack, and our evaluation showcases its effectiveness against state-of-the-art models.

Microsoft has also published a Blog post that goes over this attack and potential mitigation steps that can be implemented along with details on new tools developed to counter this attack using their “AI Watchdog” and “AI Spotlight” features. The tools attempt to identify adversarial content in both input and outputs to prevent prompt injection attacks.

SCM Magazine has a good writeup on the attack and the defenses against it.

– Suramya

Source: Slashdot: ‘Crescendo’ Method Can Jailbreak LLMs Using Seemingly Benign Prompts

March 23, 2024

Threads is launching their fediverse integration and that is a good thing

Filed under: Emerging Tech,My Thoughts,Tech Related — Suramya @ 12:19 AM

Yesterday Threads launched a beta version of their fediverse integration and that is actually a great thing. Users who have access can enable federation on their account and users on other Federated systems such as Mastodon can follow them, comment and like their posts as if they were directly on the Threads server. (Comments are not yet propagated back to Threads but is in the works).

First a bit of background information. Threads is a microblogging site similar to Twitter that was created by Meta to take advantage of the fact that Twitter was becoming more and more unusable. Fediverse is a ensemble of social networks which can communicate with each other, while remaining independent platforms. Basically it works similar to how email works, where I can have an account at suramya.com and still be able to communicate with someone who has an account at gmail.com. The system allows the individual servers / systems to communicate over the ActivityPub protocol, and anyone can implement it in their system. For example, my blog is connected to the Fediverse (Mastodon) and all posts here are automatically posted there. If I want I can enable more features here to allow me to browse/post posts across the various servers directly from my blog itself.

As you can imagine this is quite powerful and addresses the “Switching cost” which is an economists’ term for everything you have to give up when you change products or services. For social media networks the cost is that you will lose your connections on the network who don’t agree to shift with you and you loose access to the communities that are based in the network you want to leave. For example, a lot of Hobby networks, apartment groups etc are still on Facebook which means that I have to use FB if I want to keep myself up to date. A lot of government/company accounts are still on Twitter so I need to keep my account there if I want to connect with them or keep myself updated. Now imagine if that wasn’t the case. That is what federation means. People who want to use Threads can continue to use Threads and post over there and I would be able to follow them from my Mastodon account seamlessly and still interact with their posts.

Unfortunately, as always there is a vocal minority who is raising a ruckus about this and are blocking them preemptively. These folks do raise some valid concerns such as posts on Mastodon servers will end up getting monetized and targeted for Ads, or the trolls from Meta services will start targeting folks on Mastodon servers or Fediverse will go the way of the XMPP (Extensible Messaging and Presence Protocol) that was adopted by Google and then slowly phased out/killed…

Lets talk about the last point first because it is a critical point. XMPP was a very promising protocol that was expected to allow users to chat with users of any chat service seamlessly. But it had a lot of issues some of which are discussed in the Hackernews Thread: Why XMPP failed and SMTP didn’t?. The highlights are:

  • So multi device did not work: One device was designated “active” and would receive the messages, others would not.
  • There was no history sync of any sort: If you had checked messages from home, they would not appear in your work computer’s history next morning. If you replied from home, you won’t be able to see your own messages at work PC.
  • Anything mobile (mobile phone, laptop in coffee shops) was also unusable — you cannot start app and catch up on all missing messages. You had to be online to receive them.

These drawbacks (amongst others) did more to kill the protocol than anything Google did. The workarounds to resolve the issues listed above required a lot of custom hacks, kludges and prayers to get them to work and I talk about that from experience since I did setup and manage a XMPP server for a while.

Coming to the other points they are not a new concern that Threads is bringing in. We already have to worry about them in the existing ecosystem where we have servers that abuse the service and end up getting blocked. That is always an option where if they start doing things that we don’t like we can block them. Most posts on the Fediverse are already public by default so nothing is stopping Meta from consuming them to train their advertising system on it. The point about Trolls and Harassment campaigns doesn’t have an easy solution and for some servers that cater to marginalized communities blocking the entire Threads server might be a good idea.

Personally I like the approach Dansup from Pixelfed took, where they allow members, to block specific domains which blocks content and interactions from the domains the user chooses.

Having the ability to follow and interact with the formerly walled gardens from outside the garden is a good thing and we should build it up. Instead of dunking on it because it doesn’t do everything we want it to do. Lowering the Switching cost is a good thing longterm and we need more of this instead of ideological puritans jumping around about how the ‘impure’ masses from ‘the bad place’ are able to talk to and interact with folks in the ‘pure’ server defiling it’s ideological purity.

In a way it is a similar argument that we used to have about open source and closed source systems. Purists wanted everything from BIOS up to be Open Source and realistically speaking this is not possible. Users will want proprietary software because the open source ones are not up to the mark. As an example, I run MS Office on my Linux machine using Crossover because Libreoffice(or OpenOffice) still doesn’t have full compatibility. I did this after the nth time OpenOffice messed up the layout after I edited it using OO. Asking users to compromise on their work is not going to happen. They just want things to work and work seamlessly and having to account for compatibility issues or usability issues is a non-starter. Once a system is usable and reliable like Apache server or Linux folks will start using it as evidenced by a majority of the servers on the web running Open Source software. Till that happens we need to ensure we support workarounds and not look down on people using the workarounds.

Remember, perfection is the enemy of good enough as it prevents implementation of good improvements because they are not perfect.

– Suramya

March 22, 2024

Please don’t use AI to identify edible mushrooms or anything else for that matter

Filed under: Artificial Intelligence,My Thoughts,Tech Related — Suramya @ 8:16 PM

AI proponents claim to solve all problems just with the addition of their magical-AI pixie dust. But that claim doesn’t hold up in a majority of the cases when dealing with real world situations. The latest example of this is highlighted in Citizen.org’s report “Mushrooming Risk: Unreliable A.I. Tools Generate Mushroom Misinformation” published earlier this week where they found that: “Emerging A.I. technologies are being deployed to help beginner foragers find edible wild mushrooms. Distinguishing edible mushrooms from toxic mushrooms in the wild is a high-risk activity that requires real-world skills that current A.I. systems cannot reliably emulate. Individuals relying solely on A.I. technology for mushroom identification have been severely sickened and hospitalized after consuming wild mushrooms that A.I. systems misidentified as edible”

Some risk comes from the seeming simplicity of using identification apps. Automation bias – the human tendency to place excess faith and trust in decisions made by machines – must be resisted. Because of how these apps are marketed, users may understandably believe that identifying a mushroom is as simple as snapping a photo of the mushroom and allowing the A.I. to deliver a reliable identification.

To identify a mushroom with confidence, a basic understanding of its anatomy is required – an understanding that many casual users lack. A photo of the top of a mushroom’s cap, for example, will almost never provide enough information to identify its species with any degree of confidence. Physical features on the underside of the cap, the cap margin, the stipe (stem), and the base of the stipe all should be taken into consideration, as should the mushroom’s substrate (i.e., whether it’s growing on the ground or on wood, and what species of wood). Some mushrooms bruise when cut, such as from yellow to blue, and whether they bruise and how quickly are additional identifying characteristics. Smell also can be a key identifying feature – and, for experienced identifiers, so can taste (followed by immediately spitting out the tasted portion). A.I. species-identification tools are not capable of taking any factors into consideration aside from the mushroom’s immediate appearance.

Australian poison researchers tested three applications that are often used by foragers to identify wild mushrooms and they found the following:

  • The best-performing app (Picture Mushroom) provided accurate identifications from digital photos less than half (49%) of the time, and identified toxic mushrooms 44% of the time;
  • In terms of which app was most successful at identifying the death cap (Amanita phalloides), Mushroom Identificator performed the best, identifying 67% of the specimens, compared to Picture Mushroom (60%) and iNaturalist (27%);
  • In some of the apps’ misidentification errors, toxic mushrooms were misidentified as edible mushrooms;

A 49% accuracy might sound ok for a first run of the AI datamodel which has no real world impact, but when you take into account that there is a 51% chance that the app is incorrectly identifying toxic mushrooms as edible mushrooms which can (and in fact has resulted) in deaths, you realize that the Apps are actively dangerous and about as accurate as flipping a coin.

My request to everyone trying out AI applications is to use that for reference only and don’t rely on them for expert opinion but instead leverage human expertise in situations where there is a realworld impact.

Source: Washington Post: Using AI to spot edible mushrooms could kill you

– Suramya

March 19, 2024

Is it possible to untrain a LLM?

Filed under: Artificial Intelligence,My Thoughts,Tech Related — Suramya @ 6:45 PM

We are seeing a lot of cases (I am being polite) where LLM’s are trained on copyright protected data/images or has been trained with incorrect data. Currently as far as I know there is no easy way to fix this other than to train the entire model again from scratch excluding the problematic dataset. This is obviously not feasible and scalable at all.

Another sticky point is the Right to be forgotten which is a part of the GDPR and a few other countries. It requires systems to remove private information about a person from Internet searches and other directories under some circumstances. With LLM’s starting to infest search engines it means that in order to be compliant they need to be able to remove information from the model as well.

So it got me thinking if it would be possible to create an algorithm/process that allows us to untrain an LLM. A search across academic papers and the Internet shows that it is an emerging field of research and as of now mostly theoretical. Primarily because of the way the models work (or are supposed to work) we also claim that the models do not contain any information about a specific image/text by an artist.

Examples of ongoing Research on Transformer editing are Locating and Editing Factual Associations in GPT and Mass-Editing Memory in a Transformer. I did try reading though the papers and understood parts of them, the others kind of went over my head but still this is a research field I will be keeping a close eye on as it will have a large impact of the future of LLM’s and their usefulness.

– Suramya

« Newer PostsOlder Posts »

Powered by WordPress