If anyone’s looking for a computer security project relevant to AI risk scenarios, consider studying the architecture an AI box would have, and the software at its surface. While boxing is not sufficient on its own, it is useful as part of a defense-in-depth strategy, and it’s a relatively cheap precaution for groups that assign low probability to their creations becoming generally intelligent. A box would offer some protection against an AI escaping before anyone has noticed its birth. I’m particularly concerned about terminal emulators (iTerm, xterm, PuTTY, etc.), which would most likely interact with the contents of the box in any boxed-AI setup, and which all seem to be neglected attack targets written in memory-unsafe languages (i.e., C and C++).
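One cheap mitigation at that surface, independent of hardening the terminal emulators themselves, is to never let untrusted output reach a terminal's escape-sequence parser at all. A minimal sketch (the regex below is my own illustration, not a complete or vetted filter; real deployments would want an allowlist approach):

```python
import re

# Strip ANSI CSI sequences, OSC sequences, and stray C0 control characters
# from untrusted text before it is displayed in a terminal. Tab, newline,
# and carriage return are deliberately preserved. This is a sketch: a
# production filter should allowlist printable characters rather than
# trying to enumerate every dangerous sequence.
ESCAPE_RE = re.compile(
    r"\x1b\[[0-?]*[ -/]*[@-~]"             # CSI sequences (colors, cursor moves)
    r"|\x1b\][^\x07\x1b]*(?:\x07|\x1b\\)"  # OSC sequences (e.g. window-title changes)
    r"|[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]"   # remaining control chars, incl. lone ESC
)

def sanitize(text: str) -> str:
    """Return text with terminal escape sequences and control chars removed."""
    return ESCAPE_RE.sub("", text)
```

This doesn't fix bugs in the terminal's parser, but it shrinks the reachable attack surface to "plain printable text plus whitespace", which is a much easier thing to reason about.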
It would also be useful to have hardware and software for fake (alarmed) network interfaces, fake soundcard antennas, and decoy VM hosts. Rather than merely closing off the tricks an AI of unrecognized generality might use to escape its box, we should replace them all with traps; and since AI researchers are unlikely to build these things themselves, we should provide ready-made solutions for them.
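The core idea of an alarmed decoy is simple: expose an interface the boxed system has no legitimate reason to touch, and treat any traffic on it as evidence of an escape attempt. A minimal sketch of a network tripwire (the function name and callback are my own; a real trap would also capture packets and fail closed):

```python
import socket
import threading

def start_tripwire(host="127.0.0.1", port=0, on_trigger=None):
    """Listen on a decoy port; any connection attempt fires the alarm.

    Nothing inside the box should ever talk to this socket, so a single
    connection is treated as a signal that something is probing for a
    way out. Returns the bound (host, port) so the decoy address can be
    made visible inside the box.
    """
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    server.bind((host, port))
    server.listen(1)

    def watch():
        while True:
            conn, addr = server.accept()
            conn.close()
            if on_trigger:
                on_trigger(addr)  # e.g. page a human, halt the experiment

    threading.Thread(target=watch, daemon=True).start()
    return server.getsockname()
```

The same pattern generalizes to the other decoys: a fake soundcard antenna or pretend VM host is just a different sensor wired to the same "any activity at all is an alarm" policy.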
All of these measures seem positive (which is not to say they are near the frontier of effectiveness) and helpful as far as they go.