My theory is a lot of the anti-AI sentiment is specifically US geopolitical adversaries (pick one or more: China, Russia, Iran, ...) who want a bad outcome for the US (AI as potential AGI; AI as one of the few successful economic sectors of the US; general desire to cause societal disruption or collapse and AI as convenient target). Probably >95% of the really bad stuff (the micron fab disruption, attacks on AI datacenters, ...) is probably root-cause that, possibly executed by useful idiots, people paid by organizations, etc. 5% is normal NIMBY stuff. Approximately measure 0 is Zizian death cultists.
I don't any of these will be dissuaded by cute family photos. Fortunately the frontier model companies and major infrastructure providers are able to pay for top-tier corporate security (although tech people generally have been unwilling to do this at home for lifestyle reasons), but I'd be afraid for people elsewhere in the supply chain.
(And destructive attack is all on top of the normal corporate espionage, infiltration, subversion, etc.)
If a good outcome for the US is OpenAI technology being used by the US military to kill Middle Eastern children, I want a bad outcome for the US too. (Proudly born and raised in California)
It's depressing now, but also was genuinely amazing how great EFF was early on. I think a lot of that had to do with the board, membership, and staff (such as yourself) intentionally trying to keep things balanced and focused. Thank you for all the great stuff you and the rest of the org did back then.
It will be interesting to compare PQ rollout to HTTPS rollout historically (either the "SSL becomes widespread in 2015" thing, or the deprecation SSL 3.0). Cloudflare is in an easy position to do stuff like this because it can decouple end user/browser upgrade cycles from backend upgrade cycles.
Some browsers and some end user devices get upgraded quickly, so making it easy to make it optionally-PQ on any site, and then as that rollout extends, some specialty sites can make it mandatory, and then browser/device UX can do soft warnings to users (or other activity like downranking), and then at some point something like STS Strict can be exposed, and then largely become a default (and maybe just remove the non-PQ algorithms entirely from many sites).
I definitely was on team "the risks of a rushed upgrade might outweigh the risks of actual quantum breaks" until pretty recently -- rushing to upgrade has lots of problems always and is a great way to introduce new bugs, but based on the latest information, the balance seems to have shifted to doing an upgrade quickly.
Updating websites is going to be so much easier than dealing with other systems (bitcoin probably the worst; data at rest storage systems; hardware).
If any kind of proof about serious quantum computers comes to light, browsers can force most websites' hand by marking non-PQ ciphers as insecure.
Maybe it'll require TLS 1.4/QUIC 2, with no changes but the cipher specifications, but it can happen in two or three years. Certificates themselves don't last longer than a year anyway. Corporations running ancient software that doesn't support PQ TLS will have the same configuration options to ignore the security warnings already present for TLS 1.0/plain HTTP connections.
The biggest problem I can imagine is devices talking to the internet no longer receiving firmware updates. If the web host switches protocols, the old clients will start dying off en masses.
Leaf certificates don't last long, but root CAs do. An attacker can just mint new certs from a broken root key.
Hopefully many devices can be upgraded to PQ security with a firmware update. Worse than not receiving updates, is receiving malicious firmware updates, which you can't really prevent without upgrading to something safe first.
> An attacker can just mint new certs from a broken root key.
In Chrome at the very least, the certificate not being in the certificate transparency logs should throw errors and report issues to the mothership, and that should detect abuse almost instantly.
You'd still be DoSing an entire certificate authority because a factored CA private key means the entire key is instantly useless, but it wouldn't allow attacks to last long.
When you connect, you specify supported ciphers. If the server doesn't support them, there's standard "insufficient security" (71) error that was there since at least TLS 1.0, maybe earlier.
They are slower, larger, and less tested. Specifically the hope was to develop hybrids that could also provably be more pre-quantum secure then what they are replacing. History dose not favour rushing cryptography.
They are large, but they're not that slow actually. We've been testing them for almost a decade now. I agree that rushing is bad. That's why we need to start moving now, so that we're not rushing even closer to the deadline.
Waiting now means rushing even more close to the deadline! We added stats on origin support for post-quantum encryption. Not as much support as browsers of course, but better than I expected. Still a long road (and authentication!). https://radar.cloudflare.com/post-quantum
> Updating websites is going to be so much easier than dealing with other systems (bitcoin probably the worst; data at rest storage systems; hardware).
Does it? That one is different because IPv4 with CGNAT largely "just works" except for P2P type stuff. As a result there's a strong incentive for anyone who has a working setup to just not care.
I can use myself as an example here. IPv6 is supported by all my hardware, all the software I use, and my ISP provides it. Yet my LAN intentionally remains IPv4 only with NAT. Why? Because adding IPv6 to my LAN would require nonzero effort on my part and has (at least for now) quite literally zero upside for me. If I ever need something it offers I will switch to it but that hasn't happened yet.
PQC is entirely different in that the existence of a CRQC immediately breaks the security guarantee.
I insure a bunch of big datacenters (crypto mining, AI); there are really two main drivers of cost of insurance per $ of equipment:
1) Internal risks and controls within the datacenter (the company involved and their operating history, fires, flood, etc,) -- for a sufficiently "good" datacenter, you can assume it gets maxed out in quality, or at least to the point where it's no longer efficient to spend more. Most of these risks also cause service disruptions, so if you're building for high availability anyway, the rest of this stuff is usually handled as part of that. Essentially, if you're too cheap to build a good enough datacenter to max this out, you're not getting insurance anyway in most cases, so it's not a variable factor so bunch as binary or maybe a few broad risk bands (ISO tier for datacenters).
2) External risks. This is mostly natural catastrophe ("nat cat" or "cat risk"); usually there's one dominant driver of that ("severe convective storms" in Texas; floods and hurricanes in places like Florida; earthquakes in California). In some places it's multiple risks (Japan has both earthquake/tsunami and typhoon). This drives the majority of insurance premium.
War risk, geopolitical, political risk, terrorism, SRCC ("strikes, riots, and civil commotion") are in a third category -- often essentially not a factor (e.g. for a $200mm facility in rural Texas), but often handled through special programs at a national level or specialty insurance. A lot of normal policies exclude or let the client buy-back that part of the risk.
As my personal interests in war zones, drones, etc. and professional interests in crypto, AI, and datacenters seem to have converged, looking forward to seeing "quality of air defense artillery/integrated air defense system" as well as "comprehensive quick reaction force capable of dealing with national-level threats" as elements of insurance underwriting for $50B AI datacenters/"AI factories" in the future. I assume in most cases this kind of stuff will be handled by national, military, defense, or civil defense parts of the government, but could easily be contracted as well. I don't think Oracle Cloud is likely to stand up their own private army though.
Very recently Amazon announced they'd stop commingling inventory from 3P sellers and themselves, so it should be safer to buy from Amazon in the future (if you look at the specific seller), but still maybe worth avoiding for safety critical items which are difficult to inspect.
They still need to prove that isn't just a saying. A good reputation takes a long time to develop and very little time to lose. With safety gear I would not take a chance.
If I'm going to take a chance I'd prefer to support a small company. Amazon is big, but I find most things they sell I can find a small company that sells the same for a similar price and they know their product and so will direct me to what works well.
There are some products where I absolutely don't take a chance (I buy all my tourniquets/etc from North American Rescue, who are the manufacturer or primary distributor, directly), but for a while I wouldn't even buy razor blades from Amazon because of the risk of getting fakes or commingled inventory from shoplifting gangs. I'm willing to take that level of risk on Amazon policy now.
As long as they don't make a mistake and send the wrong thing anyway, which happens. You're always better off getting safety critical items from a place that only stocks from a verified supply chain, rather than a place that keep them separate merely by policy.
I’m in Niseko (Hokkaido) and had just driven 2.5h through a snowstorm to my hotel, opened door, and put down bags and phone. Weird alarm from my phone (new phone; forgot to disable, which I usually do because where I live abuses the system for a bunch of stupid alerts for chronic issues), looked at it, realized in Japan it is probably real, so I stood in a doorway. Pretty decent sized storm.
If a tsunami affects me on a mountain something would be seriously wrong, so I’m not going to worry.
Yes. My partner got one in Morioka about 6 weeks ago.
Edit: very, very quickly after the quake, which we felt, I might add. I got a notification via the 'Safety tips' app long after. I think I was on Airplane mode at the time.
Hokkaido is by a wide margin my favorite place in the world. If I could easily HQ a tech company there (for global sales; Japan domestic market is stagnant), I would.
Almost all of the larger commercial miners (especially public companies) are looking at this. There are a bunch of issues (I have a conference talk last week at one of the big mining conferences on the topic, and have met with a bunch of miners on this.)
Probably long term the solution will be hybrid — mining gets done using any spare power. AI training generally requires protected power even beyond firm power and few miners have this for their mining operations, and also most of the mining facilities aren’t in the ISO 5 or 6 facilities we (I insure miners and AI) want to see for $500mm worth of mining hardware. Usually the mining companies don’t want to make the upfront capital outlay for these, so a lot of the time they do partnerships where part of their PPA is shared.
No one I've seen does without at least battery backup/conditioning/etc. Some may have less than 100% redundancy on generators, but that's mainly because some of them are running with e.g. a 200MW grid feed and 20x10MW gensets and ALSO running about 10-15 of the "backup" gensets as prime power. It's possible corners are cut during commissioning (like they use modular structures during buildout of the tilt-up ISO 5 permanent structure), but substanially no one would do this as their long-term design goal.
More. In 2024, Bitcoin mining companies collectively spent over $3.6 billion on hardware, data centers, and infrastructure to maintain and expand their operations.
I insure like >$3B worth actively I think (which includes some additional power equipment, hvac, etc. below the scale of main site transformers, etc.). If you count former equipment which has been removed from service over the years it is probably about $5-10B for Bitcoin in total? (Not pulling the BDX to look at specific breakdown of miners vs AI)
One $4mm cabinet of GB300 can generate maybe 10-20x the power/hvac cost per hour so it doesn't make sense to ever have it idle. Vs. $100K worth of miners for the same 40KW conditioned or 100KW raw power.
I'm definitely interested in these if they work -- both because mosquito elimination (the world's most dangerous animal...) is interesting, and because it's an obvious demo for inexpensive autonomous drones for various terminal effects.
I don't any of these will be dissuaded by cute family photos. Fortunately the frontier model companies and major infrastructure providers are able to pay for top-tier corporate security (although tech people generally have been unwilling to do this at home for lifestyle reasons), but I'd be afraid for people elsewhere in the supply chain.
(And destructive attack is all on top of the normal corporate espionage, infiltration, subversion, etc.)