July 6, 2022
Photo: Justin Sullivan/Getty Images
Hello and welcome to Protocol Enterprise! Today: why Microsoft and Google think controversial emotion-AI detection software has a place in accessibility work, the U.S. government sets new goals for ransomware reporting and the golden age of the deepfake might be here sooner than we'd like.
Despite its own splashy admission that its emotion recognition technology creates “risks” so it will retire it, Microsoft will retain the capability in an app used by people with vision loss. Google also incorporates controversial emotion recognition features in some products.
Google offers similar computer vision technology in its Cloud Vision API, which includes “pre-trained Vision API models to detect emotion” and rates the likelihood that a face in an image is expressing anger, joy, sorrow or surprise.
Researchers are pushing to advance emotion AI.
The competitive edge of digital solutions: For the last 50 years, SAP has worked closely with our customers to solve some of the world’s most intricate problems. We have also seen, and have been a part of, rapid accelerations in technology in response. Across industries, certain paths have emerged to help businesses manage the unexpected challenges over the last few years.
Here's a telling bit of information: When the DOJ released its new strategic plan for the next four years on Friday, it highlighted two priority areas in the category of keeping Americans safe. The first was reducing gun-related violent crime. Combating ransomware came in at No. 2.
In other words, the ransomware problem is really bad (we knew that) and the DOJ thinks there's a lot more it could be doing (we maybe didn't realize that part). Specifically, the department wants to get to a point where a timely response by its agencies to ransomware attacks becomes the norm: By the fall of 2023, the DOJ set a goal for 65% of reported incidents to at least have a case opened within 72 hours.
But the emphasis, perhaps, should be on "reported." A CISA official was recently quoted as saying that the government is only hearing about a "tiny fraction" of ransomware attacks. Which is exactly why Congress earlier this year passed a bill requiring critical infrastructure operators to disclose major incidents to CISA within 72 hours. But the requirement may not take effect until more than three years from now — an eternity-and-a-half in cyber time.
Regardless, we do now have a pledge from the DOJ to respond more quickly to the ransomware attacks it does know about (the department didn't supply current figures for comparison). Whether the promise of a prompt call from the feds will lead to more ransomware reporting or less, it's hard to know. What we do know is that, unhappily for everyone except Russia and North Korea, ransomware is not going away anytime soon.
Right now, deepfakes still aren't very good. The gestures aren't synchronized, or the person's speech just sounds a bit … off. But it might not be too long before deepfakes are a lot more convincing — and possibly a greater threat from a cybersecurity perspective, security researcher Cameron Camp told me.
In fact, there's reason to suspect the timetable may be speeding up a bit, Camp says. One of the big challenges with creating believable-but-fake video or audio is the need for lots of CPUs and GPUs.
But the recent plunge in value for cryptocurrencies such as bitcoin means some crypto miners probably have "a lot of GPUs sitting around and not too much to do with them." It's likely that some have been reallocating their GPUs to deepfakes, which could be more lucrative for cybercrime purposes, according to Camp, who works for cybersecurity vendor ESET.
The threat posed by a fake voicemail from a CEO, for instance, could be a serious one (business email compromise scams are already successful way too often). And that's just one of the possible dangers of convincing deepfakes. When asked how soon he thinks we might get there, Camp told me he thinks it might only be another year or two. With deepfakes currently, "you can spot the difference," he says — but a future where you can't trust your eyes or ears may be here sooner than we'd like.
Microsoft Azure Vice President Tom Keane said he’s leaving the company, after a report that described a pattern of verbal abuse in recent years.
The U.S. Air Force is so fed up with the delays around the DOD’s JEDI cloud contract and the forthcoming JWCC that it plans to go ahead with a multicloud infrastructure platform called “Cloud One.”
The competitive edge of digital solutions: When companies invest in maintaining their “green ledger” with the same commitment they have to their financial ledgers, they will be able to connect their environmental, social, and financial data holistically so they can steer their business towards sustainability. At the end of the day, what gets measured, gets managed.
Thanks for reading — see you tomorrow!