Do we know what we 🛡️trust? | The 'Cyber Trust' mark
#171 - Big tech won the battle for our attention. The battle for trust is in full swing.
We no longer know what to trust
And it is not spiritual or metaphorical.
Misinformation
What is the best way to spread misinformation / disinformation? It is by deliberately removing processes that ensure reasonable fact checking and replacing it with volunteers.
Uncle Zuck has decided to go the X way and disband Meta’s fact checking unit.
We know what happens with volunteering based services. There is a lack or accountability which leads to inconsistency and delays. If you have even the slightest doubt that this might work, just think of how many people sign up to volunteer for their favorite charities and how many actually show up.
We inherently know that whatever is published on Facebook or Instagram is made by other people (mostly) and that we can choose to trust it or not, but when it comes to purpose built AI, the line blurs.
Un-trustworthy 🤝 AI
Generative AI, be definition, has to be a little erm… ‘creative’ or the technical term is ‘Temperature’. This decides how much from the available datasets is the AI allowed to move away or hallucinate.
Building critical AI models like medical LLMs etc, allow very little room for hallucination. However, even if you build the model which sticks to the truth in your datasets, it is surprisingly easy to poison the dataset. The article suggests that changing just 0.001% of inputs to misinformation makes the AI less accurate. The scary part?
This doesn't even require access to the LLM itself; it simply requires placing the desired information somewhere where it will be picked up and incorporated into the training data. And that can be as simple as placing a document on the web
Since the purpose built AI learns from specific sites on the internet, it only requires misinformation to be placed strategically on a few forums and the AI will learn it!
Talking of learning from the internet as a source, what about AI models that learn from the dark corners of the internet?
Is it mine or the AI’s?: AI and ©️Copyrights
Is it a copyright violation if I learn from data that you have published on the internet for everyone to read and then use it in my own words?
Meta says No. Some authors say Yes.
A legal battle is ongoing between Meta and a few authors about copyright violation by Meta’s popular 🦙Llama LLM about this.
The battle took an interesting turn when some documents were released that showed Llama learning from piracy sites such as LibGen. These websites offer pirated books and Meta learned from the books that were distributed through these torrents!
Now, that is a definite copyright violation.
The battle for trust is truly on in 2025.
Take Action:
If you have read this and know people who still believe everything sent or social media, try to create awareness about the difference between news and opinions on social media. Teach them to not trust everything you read on social media. (I have been phenomenally unsuccessful with my Dad in spite of multiple 🍺 sessions together)
An easy to read label 🏷️ for cybersecurity in connected devices
Why not have security labels, just like quality labels on all tech products? It’s not as easy, but we have a start.
When one institution fails us in the battle for trust, another one steps in, trying to help. An unlikely salvo in this battle of trust comes from the US government. It launched a voluntary cybersecurity labeling program for wireless interconnected smart products.
The FCC program encourages manufacturers to voluntarily get their devices certified with the US Cyber Trust Mark. The program website is here.
The objective, as the FCC says, is:
We believe that just as the ENERGY STAR program educated the public and created incentives for manufacturers to offer more energy-efficient appliances, our cybersecurity labeling program will pave the way for more secure smart products.
Clearly labeled consumer products will result in a more secure experience for the retail consumer.
Take Action:
If you have choice between a device with a Cyber Trust Mark and one without, choose the one with the mark. Spread awareness about the cyber trust mark. This will encourage more and more manufacturers to adopt the cyber trust mark.