Tag Archives: project

Can sound help save a dwindling elephant population? Scientists using AI think so. – On the Issues

Scientists with the Elephant Listening Project estimate that Africa’s population of forest elephants has dropped from roughly 100,000 animals in 2011 to fewer than 40,000 animals today. But those numbers are largely based on indirect evidence: ivory seizures, signs of poaching and labor-intensive surveys that are too expensive to be done regularly.

The Elephant Listening Project has spent more than three decades researching how elephants use low-frequency rumbling sounds to communicate with one another. More recently, those scientists began to use acoustic sensors at research sites to inform population estimates and, ultimately, to track and protect forest elephants across their ranges in Central and West Africa.

If scientists find, for example, that at specific times of year elephants are using clearings in an unprotected logging concession to access scarce minerals or find mates, scientists can work with the loggers to schedule their work to minimize disturbance and reduce conflicts.

But there has been a bottleneck in getting data out of these remote African forests and analyzing information quickly, says Peter Wrege, a senior research associate at Cornell who directs the Elephant Listening Project.

“Right now, when we come out of the field with our data, the managers of these protected areas are asking right away, ‘What have you found? Are there fewer elephants? Is there a crisis we need to address immediately?’ And sometimes it takes me months and months before I can give them an answer,” says Wrege.

Conservation Metrics began collaborating with the Elephant Listening Project in 2017 to help boost that efficiency. Its machine learning algorithms have been able to identify elephant calls more accurately and will hopefully begin to shortcut the need for human review. But the volume of data from the acoustic monitors, shown in the spectrogram below, is taxing the company’s local servers and computational capacity.

Microsoft’s AI for Earth program has given a two-year grant to Conservation Metrics to build a cloud-based workflow in Microsoft Azure for analyzing and processing wildlife metrics. It has also donated Azure computing resources to the Elephant Listening Project to reduce its data-processing costs for the project. The computational power of Azure will speed processing time dramatically, says Matthew McKown, the CEO of Conservation Metrics. The platform also offers new opportunities for clients to upload and interact with their data directly.

It currently takes about three weeks for computers to process a few months of sound data from this landscape-scale study, says McKown. Once the Azure migration is complete later this year, that same job may take a single day.

“It’s a huge improvement. We’re really interested in speeding up that loop between having equipment monitoring things out in the field and going through this magic process to convert those signals into information you can send into the field where someone can take action,” says McKown. “Right now, that process can take a really long time.”

Can sound help save a dwindling elephant population? Scientists using AI think so. – On the Issues

Scientists with the Elephant Listening Project estimate that Africa’s population of forest elephants has dropped from roughly 100,000 animals in 2011 to fewer than 40,000 animals today. But those numbers are largely based on indirect evidence: ivory seizures, signs of poaching and labor-intensive surveys that are too expensive to be done regularly.

The Elephant Listening Project has spent more than three decades researching how elephants use low-frequency rumbling sounds to communicate with one another. More recently, those scientists began to use acoustic sensors at research sites to inform population estimates and, ultimately, to track and protect forest elephants across their ranges in Central and West Africa.

If scientists find, for example, that at specific times of year elephants are using clearings in an unprotected logging concession to access scarce minerals or find mates, scientists can work with the loggers to schedule their work to minimize disturbance and reduce conflicts.

But there has been a bottleneck in getting data out of these remote African forests and analyzing information quickly, says Peter Wrege, a senior research associate at Cornell who directs the Elephant Listening Project.

“Right now, when we come out of the field with our data, the managers of these protected areas are asking right away, ‘What have you found? Are there fewer elephants? Is there a crisis we need to address immediately?’ And sometimes it takes me months and months before I can give them an answer,” says Wrege.

Conservation Metrics began collaborating with the Elephant Listening Project in 2017 to help boost that efficiency. Its machine learning algorithms have been able to identify elephant calls more accurately and will hopefully begin to shortcut the need for human review. But the volume of data from the acoustic monitors, shown in the spectrogram below, is taxing the company’s local servers and computational capacity.

Microsoft’s AI for Earth program has given a two-year grant to Conservation Metrics to build a cloud-based workflow in Microsoft Azure for analyzing and processing wildlife metrics. It has also donated Azure computing resources to the Elephant Listening Project to reduce its data-processing costs for the project. The computational power of Azure will speed processing time dramatically, says Matthew McKown, the CEO of Conservation Metrics. The platform also offers new opportunities for clients to upload and interact with their data directly.

It currently takes about three weeks for computers to process a few months of sound data from this landscape-scale study, says McKown. Once the Azure migration is complete later this year, that same job may take a single day.

“It’s a huge improvement. We’re really interested in speeding up that loop between having equipment monitoring things out in the field and going through this magic process to convert those signals into information you can send into the field where someone can take action,” says McKown. “Right now, that process can take a really long time.”

Meltdown and Spectre disclosure suffered “extraordinary miscommunication”

LAS VEGAS — Despite Google’s own Project Zero being part of the discovery team for the Meltdown and Spectre vulnerabilities, Google itself wasn’t notified until 45 days after the initial report was sent to Intel, AMD and ARM.

Speaking at a panel on Meltdown and Spectre disclosure at Black Hat 2018 Wednesday, Matt Linton, senior security engineer and self-described “chaos specialist” at Google’s incident response team, explained how his company surprisingly fell through the cracks when it came time for the chip makers to notify OS vendors about the vulnerabilities.

“The story of Google’s perspective on Meltdown begins with both an act of brilliance and an act of extraordinary miscommunication, which is a real part of how incident response works,” Linton said during the session, titled “Behind the Speculative Curtain: The True Story of Fighting Meltdown and Spectre.”

Even though Project Zero researcher Jann Horn was part of both the Meltdown and Spectre discovery teams, Linton said, Project Zero never notified Google directly. Instead, the Project Zero group followed strict guidelines for responsible vulnerability disclosure and only notified the “owners” of the bugs, namely the chip makers.

“They feel very strongly in PZ [Project Zero] about being consistent about who they notify and rebuffing criticism that Project Zero gives Google early heads up about bugs and things,” Linton said. “I assure they did not.”

Project Zero notified Intel and the other chip makers about the vulnerabilities on June 1, 2017. It had been previously reported that Google’s incident response team wasn’t looped into the Meltdown and Spectre disclosure process until July, but it wasn’t entirely clear why that was. Linton explained what happened.

“[Project Zero] notified Intel and the other CPU vendors of these speculative execution vulnerabilities and they said a third of the way through the email that ‘We found these, here are the proof of concepts, and by the way, we haven’t told anyone else about this including Google, and it’s now your responsibility to tell anyone you need to tell,’ and somewhere along the line they missed that piece of the email,” he told the audience.

Linton said the CPU vendors began the Meltdown and Spectre disclosure process and started notifying companies that needed to know such as Microsoft, but they apparently believed Google had already been informed because Project Zero was part of the discovery teams. As a result, Google was left out of early stage of the coordinated disclosure process.

“As an incident responder, I didn’t find out about this until mid-July, 45 days after [the chip vendors] discovered it,” Linton said.

The miscommunication regarding Google was just one of several issues that plagued the massive coordinated disclosure effort for Meltdown and Spectre. The panelists, which included Eric Doerr, general manager of the Microsoft Security Response Center, and Christopher Robinson, principal program manager and team lead of Red Hat Product Security Assurance, discussed the ups and down of the complex, seven-month process as well as advice for security researchers and vendors based on their shared experiences.

Editor’s note: Stay tuned for more from this panel on the Meltdown and Spectre disclosure process.

Disclose.io launches vulnerability disclosure ‘safe harbor’

Disclose.io is a new project that promotes a framework for the standardization of norms for vulnerability disclosure with the intent to remove the threat of criminal or civil prosecution of cybersecurity researchers, a long-standing obstacle to more open research and sharing of vulnerabilities by independent experts.

Describing itself as “a collaborative and vendor-agnostic project to standardize best practices around safe harbor for good faith security research,” Disclose.io was jointly announced this week by bug bounty company Bugcrowd and Amit Elazari, a University of California, Berkeley, doctoral candidate and bug bounty legal expert. The project addresses the lack of consistency in policies on vulnerability  disclosure, the need to keep researchers safe from legal action by companies with vulnerabilities and a framework to provide researchers with a “safe harbor” from prosecution under the Computer Fraud and Abuse Act (CFAA) or the Digital Millennium Copyright Act (DMCA).

So far, Elazari has listed 21 organizations — up from 18 when the announcement was first made — that have adopted language in their bug bounty programs that follow Department of Justice guidelines for protecting bug bounty participants from prosecution under the CFAA and that also address DMCA issues.

“With growing attention to this issue and increasing adoption of bug bounties in general, as well as the emergence of best practices, I hope adoption within big players will rise,” Elazari wrote by email. “Hackers are also becoming more aware to this issue and with time safe harbor will hopefully become a competitive feature of the program — a way to get more professional eyeballs on your code. This trend will continue as long as the law continues to be murky — and that is the case especially with the CFAA.”

The Disclose.io framework builds on the Open Source Vulnerability Disclosure Framework from Bugcrowd and tech-focused law firm CipherLaw, as well as Elazari’s own #legalbugbounty standardization project, both of which provide guidance on ways to keep participants safe from prosecution under the CFAA or the DMCA for companies setting up their own vulnerability disclosure programs.

Organizations that have adopted safe harbor terms in their bug bounty or vulnerability disclosure programs include Bugcrowd, as well as Dropbox, HackerOne and Mozilla.

Risks of vulnerability disclosure

The Disclose.io project comes from the intent to protect both cybersecurity researchers from the risk of legal proceedings as a result of them disclosing vulnerabilities, as well as to protect program owners from individuals who discover vulnerabilities and act in bad faith; for example, some individuals may have ulterior motives and use bug bounty programs to gain unauthorized access to the program owner’s resources.

Amit Elazari, doctoral candidate at University of California, Berkeley, and bug bounty legal expertAmit Elazari

However, some organizations attempt to shift some of the risks of bug bounty hunting to the bug hunters, especially when bug bounty participants are not explicitly granted full authorization to all relevant assets.

“Not providing authorization is shifting the legal risk to the hacker. Since these are take-it-or-leave-it contracts, lawyers might be inclined to protect their own organization interests. The main practical barrier for adoption of safe harbor is it actually requires obtaining the rights to authorization in all assets and careful scoping and policy drafting,” Elazari wrote. “When you are authorizing access you are clarifying that one must follow the guidelines to get it, and that’s why it works well for both parties because it signals to the hacker what are the rules. If you intentionally violate the rules — you don’t get the safe harbor.”

In other news

  • Facebook security chief Alex Stamos is leaving the social networking giant and starting a research and teaching role as an adjunct professor at Stanford University’s Freeman-Spogli Institute for International Studies (FSI). His last day at Facebook is Aug. 17, almost precisely five months after The New York Times reported that his “impending exit” was set for August. Prior to his stint at Facebook, Stamos was CISO at Yahoo. In a message posted on his Facebook page, Stamos wrote that he would be continuing his work on “understanding and preventing the misuse of technology,” and would be launching “a course teaching hands-on offensive and defensive techniques and to contribute to the new cybersecurity master’s specialty” at FSI.
  • Congress passed a bill this week that will force tech companies to disclose to the Pentagon if they have allowed foreign governments to examine their software if it was sold to the U.S. military. The legislation was included in the Pentagon spending bill, which was approved by an 87-to-10 vote in the Senate after having passed in the House of Representatives last week; President Trump is expected to sign the bill into law. The new law was drafted after an investigation by Reuters discovered that companies, including Hewlett Packard, SAP and McAfee had allowed Russian agencies to examine their software products as a precondition for sale in Russia. The legislation, included in the fiscal 2019 National Defense Authorization Act, was drafted by Senator Jeanne Shaheen (D-NH), who told Reuters that the new rules would help secure the government’s technology acquisition process.
  • The CA/Browser Forum has changed its rules for how certificate authorities (CAs) are allowed to validate claims of domain ownership for issuance of trusted certificates as of Aug. 1, removing two methods of validation that have been exploited by malicious actors seeking legitimacy through domain certificates. The CA/B Forum Baseline Requirements no longer permit CAs to use the first validation method, which compared the domain certificate applicant’s contact information with domain contact information listed on domain name registrar databases. Until now, CAs could validate an applicant’s contact information with domain contact information returned by a “whois” query to the domain registrar. Also deprecated was the fifth validation method, which “allowed lawyers to write letters asserting ownership of domain names, a subject they are generally not qualified to evaluate,” wrote Timothy Hollebeek, industry and standards technical strategist at DigiCert, in a blog post announcing the move. “Neither of these methods were particularly secure, and we led the effort to get them removed, as part of an overall focus on improving validation standards.”

For Sale – 5 * new and sealed WD RED 4tb wd40efrx

Hi all,

i purchased 5 of these drives back in April for a project which i no longer will be doing. these are all sealed and havnt been used. Warranty is until oct 2020 (ive only checked one serial number).

Edit

only 3 left £100 each delivered

regards

Price and currency: £500
Delivery: Delivery cost is not included
Payment method: cash / BT
Location: Denham, UK
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – 5 * new and sealed WD RED 4tb wd40efrx

Hi all,

i purchased 5 of these drives back in April for a project which i no longer will be doing. these are all sealed and havnt been used. Warranty is until oct 2020 (ive only checked one serial number).

Edit

only 3 left £100 each delivered

regards

Price and currency: £500
Delivery: Delivery cost is not included
Payment method: cash / BT
Location: Denham, UK
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – 5 * new and sealed WD RED 4tb wd40efrx

Hi all,

i purchased 5 of these drives back in April for a project which i no longer will be doing. these are all sealed and havnt been used. Warranty is until oct 2020 (ive only checked one serial number).

Edit

only 3 left £100 each delivered

regards

Price and currency: £500
Delivery: Delivery cost is not included
Payment method: cash / BT
Location: Denham, UK
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

TextWorld: A learning environment for training reinforcement learning agents, inspired by text-based games – Microsoft Research

Today, fresh out of the Microsoft Research Montreal lab, comes an open-source project called TextWorld. TextWorld is an extensible Python framework for generating text-based games. Reinforcement learning researchers can use TextWorld to train and test AI agents in skills such as language understanding, affordance extraction, memory and planning, exploration and more. Researchers can study these in the context of generalization and transfer learning. TextWorld further runs existing text-based games, like the legendary Zork, for evaluating how well AI agents perform in complex, human-designed settings.

Figure 1 – Enter the world of TextWorld. Get the code at aka.ms/textworld.

Text-based games – also known as interactive fiction or adventure games – are games in which the play environment and the player’s interactions with it are represented solely or primarily via text. As players moves through the game world, they observe textual descriptions of their surroundings (typically divided into discrete ‘rooms’), what objects are nearby, and any other pertinent information. Players issue text commands to an interpreter to manipulate objects, other characters in the game, or themselves. After each command, the game usually provides some feedback to inform players how that command altered the game environment, if at all. A typical text-based game poses a series of puzzles to solve, treasures to collect, and locations to reach. Goals and waypoints may be specified explicitly or may have to be inferred from cues.

Figure 2 – An example game from TextWorld with a house-based theme.

Text-based games couple the freedom to explore a defined space with the restrictions of a parser and game world designed to respond positively to a relatively small set of textual commands. An agent that can competently navigate a text-based game needs to be able to not only generate coherent textual commands but must also generate the right commands in the right order, with little to no mistakes in between. Text-based games encourage experimentation and successful playthroughs involve multiple game losses and in-game “deaths.” Close observation and creative interpretation of the text the game provides and a generous supply of common sense are also integral to winning text-based games. The relatively simple obstacles present in a TextWorld game serve as an introduction to the basic real-life challenges posed by text-based games. In TextWorld, an agent needs to learn how to observe, experiment, fail and learn from failure.

TextWorld has two main components: a game generator and a game engine. The game generator converts high-level game specifications, such as number of rooms, number of objects, game length, and winning conditions, into an executable game source code in the Inform 7 language. The game engine is a simple inference machine that ensures that each step of the generated game is valid by using simple algorithms such as one-step forward and backward chaining.

Figure 3 – An overview of the TextWorld architecture.

“One reason I’m excited about TextWorld is the way it combines reinforcement learning with natural language,” said Geoff Gordon, Principal Research Manager at Microsoft Research Montreal “These two technologies are both really important, but they don’t fit together that well yet. TextWorld will push researchers to make them work in combination.” Gordon pointed out that reinforcement learning has had a number of high-profile successes recently (like Go or Ms. Pac-Man), but in all of these cases the agent has fairly simple observations and actions (for example, screen images and joystick positions in Ms. Pac-Man). In TextWorld, the agent has to both read and produce natural language, which has an entirely different and, in many cases, more complicated structure.

“I’m excited to see how researchers deal with this added complexity, said Gordon.”

Microsoft Research Montreal specializes in start-of-the art research in machine reading comprehension, dialogue, reinforcement learning, and FATE (Fairness, Accountability, Transparency, and Ethics in AI). The lab was founded in 2015 as Maluuba and acquired by Microsoft in 2017. For more information, check out Microsoft Research Montreal.

This release of TextWorld is a beta and we are encouraging as much feedback as possible on the framework from fellow researchers across the world. You can send your feedback and questions to textworld@microsoft.com. Also, for more information and to get the code, check out TextWorld, and our related publications TextWorld: A Learning Environment for Text-based Games and Counting to Explore and Generalize in Text-based Games. Thank you!

For Sale – 5 * new and sealed WD RED 4tb wd40efrx

Hi all,

i purchased 5 of these drives back in April for a project which i no longer will be doing. these are all sealed and havnt been used. Warranty is until oct 2020 (ive only checked one serial number).

Edit

only 3 left £100 each delivered

regards

Price and currency: £500
Delivery: Delivery cost is not included
Payment method: cash / BT
Location: Denham, UK
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – 5 * new and sealed WD RED 4tb wd40efrx

Hi all,

i purchased 5 of these drives back in April for a project which i no longer will be doing. these are all sealed and havnt been used. Warranty is until oct 2020 (ive only checked one serial number).

i am looking to sell as one lot for £500.

regards

Price and currency: £500
Delivery: Delivery cost is not included
Payment method: cash / BT
Location: Denham, UK
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.