It's not just a "hardware RNG". An RNG outputs a uniform distribution. This hardware outputs randomness with controllable distributions, potentially extremely complex ones, many orders of magnitude more efficiently than doing it the traditional way with ALUs. The class of problems that can be solved by sampling from extremely complex probability distributions is much larger than you might naively expect.
I was skeptical of Extropic from the start, but what they've shown here exceeded my low expectations. They've made real hardware which is novel and potentially useful in the future after a lot more R&D. Analog computing implemented in existing CMOS processes that can run AI more efficiently by four orders of magnitude would certainly be revolutionary. That final outcome seems far enough away that this should probably still be the domain of university research labs rather than a venture-backed startup, but I still applaud the effort and wish them luck.
> In the end, Proven’s lawsuit likely cost the company serious time and cash—and generated little but bad publicity.
There's no such thing as bad publicity. People say this for a reason. It's true. I'm willing to bet that their sales have only increased since this started.
There's absolutely such a thing as bad publicity. Entire products and even companies have tanked because of bad publicity. I don't know why this myth continues to be so prevalent.
You're right! I'm off to the next Fyre festival and making sure my bag is secure with a Proven lock..... I wonder if Dassani still exist so I definitely can quench my thirst.
I also recently subscribed to ConsumerLab, and I'm glad I did. I wish they could test products more frequently as things are bound to change from batch to batch, but it's a whole lot better than nothing.
I don't take a lot of supplements, but I won't buy even one without some form of third party testing.
Another reason people use Nvidia. You know that Nvidia is the most used backend and the most likely to have this kind of bug found and fixed before you encounter it.
Seems to me that a camera like this is necessarily, at least in part, a closed system that blocks you from controlling the software or hardware on the device you supposedly own. It's hard for me to think this is a good direction. And as others have pointed out, it can't prevent attacks through the analog hole, e.g. photographing a display.
It's not feasible or desirable for our hardware devices to verify the information they record autonomously. A real solution to the problem of attribution in the age of AI must be based on reputation. People should be able to vouch for information in verifiable ways with consequences for being untrustworthy.
> camera like this is necessarily, at least in part, a closed system that blocks you from controlling the software or hardware on the device you supposedly own
Attestation systems are not inherently in conflict with repurposeability. If they let you install user firmware, then it simply won’t produce attestations linked to their signed builds, assuming you retain any of that functionality at all. If you want attestations to their key instead of yours, you just reinstall their signed OS, the HSM boot attests to whoever’s OS signature it finds using its unique hardware key, and everything works fine (even in a dual boot scenario).
What this does do is prevent you from altering their integrity-attested operating system to misrepresent that photos were taken by their operating system. You can, technically, mod it all you want — you just won’t have their signature on the attestation, because you had to sign it with some sort of key to boot it, and certainly that won’t be theirs.
They could even release their source code under BSD, GPL, or AGPL and it would make no difference to any of this; no open source license compels producing the crypto private keys you signed your build with, and any such argument for that applying to a license would be radioactive for it. Can you imagine trying to explain to your Legal team that you can’t extract a private key from an HSM to comply with the license? So it’s never going to happen: open source is about releasing code, not about letting you pass off your own work as someone else’s.
> must be based on reputation
But it is already. By example:
Is this vendor trusted in a court of law? Probably, I would imagine, it would stand up to the court’s inspection; given their motivations they no doubt have an excellent paper trail.
Are your personal attestations, those generated by your modded camera, trusted by a court of law? Well, that’s an interesting question: Did you create a fully reproducible build pipeline so that the court can inspect your customizations and decide whether to trust them? Did you keep record of your changes and the signatures of your build? Are you willing to provide your source code and build process to the court?
So, your desire for reputation is already satisfied, assuming that they allow OS modding. If they do not, that’s a voluntary-business decision, not a mandatory-technical one! There is nothing justifiable by cryptography or reputation in any theoretical plans that lock users out of repurposing their device.
> A real solution to the problem of attribution in the age of AI must be based on reputation
This is actually one of the theoretical predictions from Eliezer Yudkowsky, who says that as information becomes less and less verifiable, we're going to need to re-enter a pre-information-era - where people will have to know and trust the sources of important information they encounter, in some cases needing to hear it first hand or in person.
It's not enough that the photograph is signed and has metadata. Someone has to interpret that metadata to decide authentic versus not. One can have an "authentic" photo of a rear projection screen. It wouldn't be appropriate to have an "authentic" checkmark next to this photo if it claims to not be a photo of a rear projection screen. The context matters to authenticity.
Secondly, the existence of such "authentic" photos will be used to call all non-authenticated photos into doubt.
So it doesn't even really solve any problem, but creates new problems.
Yes, that might make these fake-proof cameras popular, to the point where people start putting in the necessary effort to defeat them by monkeying around with the time server and the depth sensor and the gps signal. Then you get a really well-supported fake image that's very effective because it's authenticated.
Practically I think there are situations where it is not so black and white. Like camera footage used as evidence in a court case. Signing a video with a public key would give some way to verify the source and chain of custody. Why wouldn't you in that situation? At a minimum it makes tapering harder and weakens false claims that something has been tampered with.
I don't think reputation gets you that far alone, we already live in a world where misinformation spreads like wildfire through follower counts and page ranks.
The problem is quality takes time, and therefore loses relevance.
We need a way to break people out of their own human nature and reward delayed gratification by teaching critical thinking skills and promoting thoughtfulness.
I sadly don't see an exciting technological solution here. If anything it's tweaks to the funding models that control the interests of businesses like Instagram, Reddit, etc.
Why can't posting a verifiably true image create as much or more instant gratification as sending a fake one? It will probably be more gratifying, once everyone is sending fake ones and yours is the only real one (if people can know that).
Sure, but you were asking why truth is less gratifying.
Also, "truth" is clearly something that requires more resources. It is a lifelong endeavour of art/science/learning. You can certainly luck into it on occasion but most of us never will. And often something fictional can project truth better than evidence or analysis ever can. Almost everything turns into an abstraction.
No, that is a nihilistic belief which does not get buildings built or software written.
One may "luck" into truth by being born in a poor neighborhood or by living in a warzone, and having eyes and a camera. Or by being rich and invited to a club and having a microphone.
Truth is everywhere, but capturing it is expensive. The tax on truth is the easy spread and generation of lies. The idea that the fictional can encapsulate truth is of course true, but it doesn't mean everything is better an abstraction. Losing a leg is more powerful as a reality than as an abstraction. Peddlers of falsehoods, then, only win when truth can be abstracted.
Moreover: People who read literature read it knowing it stands in for truth. People who watch TikTok believe it is true, and are disenchanted when shown otherwise. More power resides in a grain of truth than a mountain of falsehood; so any tool for proving veracity will always have an outsized value against tools for generating fakes.
The last redoubt of propagandists when faced with the threat of truth is to claim that no one cares anymore what's true. But that's false. In fact, that's when they begin to fool themselves. It's not that no one in China or Russia values the truth, for instance. It's just that they say what they're told to say, and don't believe a word of it.
We do not need "proof". We lived without it, and we'll live without it again.
I grew up before broadband - we survived without photographing every moment, too. It was actually kind of nice. Social media is the real fluke of our era, not image generation.
And hypothetically if these cryptographic "non-AI really super serious real" verification systems do become in vogue, what happens if quantum supremacy beats crypto? What then?
You don't even need to beat all of crypto. Just beat the signing algorithm. I'm sure it's going to happen all the time with such systems, then none of the data can be "trusted" anyway.
I'm stretching a bit here, but this feels like "NFTs for life's moments". Designed just to appease the haters.
You aren't going to need this stuff. Life will continue.
This worked because we also used to have significantly better and more trustworthy news organisations that you could just trust did the original research and verified the facts. Now they just copy stories off Reddit and make up their own lies.
Back to the time before photographs then - the 1800s.
Crime scene photographs won't be evidence anymore. You photograph your flat (apartment) when you move in to prove that all the marks on the walls were already there and that won't be evidence anymore. The police mistreat you but your video of it won't be evidence either. etc
Jeep just had an OTA update cause the car to shut down on the highway (it is rumored).
Before we put computers in cars, we had the myriad small things that would break (stuck doors, stuck windows, failed seals, leaking gaskets), a continuous stream of recalls for low-probability safety issues, and the occasional Gremlin or Pinto.
My favorite example is the Hyundai Elantra. They changed the alloy used in one of the parts in the undercarriage. Tested that model to death for a year, as they do, but their proving ground is in the southern United States.
Several winters later, it turns out that road salt attacks the hell out of that alloy and people have wheels flying off their cars in the middle of the road.
Not really. Does the car still drive? That sounds like a software bug; hardly indicative that the entire car is held together with duct tape, but a pretty bad bug non the less.
So i can't remember the specifics or find any references, but many years ago i remember reading about a car (prius maybe?) that would shut off and lock the doors when pulling away from a stop. (Ex: stopped at a red light, when it turns green the car would go far enough to cut off in the middle of an intersection then trap everyone inside.)
More accurate: a mom-n-pop grocery store has its listing on Google Maps changed to PERMANENTLY CLOSED DUE TO TOXIC HEALTH HAZARDS because the mom-n-pop grocery store didn't submit Form 26B/Z to Google. There was never any health hazard, but now everyone thinks there is, and nobody can/will go there. The fact that Form 26B/Z exists at all is problematic, but what makes it terrible is the way it's used to punish businesses for not filling out a form they didn't know existed.
This is an excellent analogy because it is incumbent upon businesses to follow all the laws, including the ones they don't know about. That's one of the reasons "lawyer" is a profession.
Google doesn't have the force of law (it's in this context acting more like a Yelp: "1 star review --- our secret shopper showed up and the manager didn't give the secret 'we are not criminals' hand sign"), but the basic idea is the same: there is a complex web of interactions that can impact your online presence and experts in the field you can choose to hire for consulting or not.
Didn't used to be that way, but the web used to be a community of 100,000 people, not 5.6 billion. Everything gets more complicated when you add more people.
The other commenter's analogy of a small-business is better I think, the issue with the browser problem is that it doesn't hinder one person getting to one house, it hinders all persons getting to one place the owner _wants_ people to get to easily.
The browser issue can destroy a small business, one thing I think we can universally agree we don't want. If all of the people who come looking for it find it's being marked as malicious or just can't get there at all, they lose customers.
Worse yet, is that Google holds the keys because everyone uses Chrome, and you have to play their game by their rules just to keep breathing.
Here's the thing though: if someone else held the keys, the scenario would be the same unless there was no safe browsing protection. And if there were no safe browsing protection, we'd be trading one ill for another; small business owners facing a much steeper curve to compete vs. everyone being at more risk from malware actors.
I honestly don't immediately know how to weigh those risks against each other, but I'll note that this community likely underestimates the second one. Most web users are not nearly as tech- or socially-savvy as the average HN reader and the various methods of getting someone to a malware subdomain are increasingly sophisticated.
Yikes. I missed that. Makes sense it wasn't just the station it was tuned to but the particular data they broadcasted; insane there was no way to power reset the system into a good state.
It's possible that if you had more cat dander in your mouth when you were a baby that you wouldn't have developed an allergy. Or, more likely, if you had more mouth exposure to other natural microbes that occur outdoors and around animals, then you would have fewer allergies overall. That is well supported by the evidence.
> The system is designed to not pose a risk to human life in the worst case event of a collision. This is what the FAA 101 and ICAO weight limits are for. And indeed, there were no serious injuries and no depressurization event to my knowledge as a result of the collision.
This seems close to a worst case scenario for this failure mode, and everyone is still OK. I consider that good engineering.
WindBorne cofounder CEO (John Dean) here -- Thanks, indeed I think that a strike to the cockpit glass, in the corner where there is more stress concentration, is one of the worst places to hit for human safety. And indeed the system was designed to be safe in the event of a collision.
But still, in light of this I think we can do better. I think it's possible to operate the way we do and have a the mass distributed such that the only damage is ever cosmetic. We follow FAA 101 regulations on this but I want to have better internal impact modeling as well.
Hats off to you and your company. I wish more companies could put up a notice like you did, much less show up as a CEO on frickin' HN and be willing to take responsibility as well as desire to do better. I honestly am a little confused how a person like you exists. The FAA should put someone like you in charge of Boeing.
Please put pressure on the FAA to do better too. NOTAMS, as they currently are, are pretty useless, and allowing unmanned vessels to output ADS-B could be extremely beneficial.
Yea, the FAA does a lot and I think overall they do a great job, but I wish there was better systems for communications here. I think ultimately companies like WindBorne just have to go above and beyond what is required if they want to operate at scale safely in this space. And no one else operates balloons at the scale that we do, and safety has to be built into the design and operations regardless of how the official systems work.
It’s great that you’re taking responsibility at all, but in my opinion, a better system would be not releasing balloons that could impact aircraft in places that aircraft fly.
If that means that either you can’t release balloons or the aircraft can’t fly, then that’s a discussion that we should have about which we value more.
When I buy a ticket to fly on a aircraft, I do not want to know that I’ll probably survive if my plane hits a weather balloon, I want to know that my plane won’t hit a weather balloon.
I understand there are all sorts of inherent risks in aviation, and that if I want to fly, I must accept those risks. But hitting a balloon is not an inherent risk of flying, it’s a risk imposed on by others.
It's unfortunate that this happened, but this will help drive better engineering decisions in the future for everyone. Glad everyone is mostly okay from this!
No, because the plane is designed to safely fly without an engine. They test the engines by shooting turkeys from the grocery store into them while they run.
Afterwards, they ship the entire engine, with turkey giblets and all, to a lab where the resulting damage is analyzed. Smells awful, according to the engineer I sat next to at a Thanksgiving dinner once...
I think GP meant structural damage to the airframe. That said, I think there are some modes of structural damage a modern plane can sustain and still fly, but to gp's point, probably not many.
The FAA limits the mass of a weather balloon for this reason. I also would not be surprised to see new regulation on the distribution of that mass as a result of this incident.
There are some limitations on such balloons already. For example, if the payload is 4-6lbs, stricter rules apply if the weight/size ratio is greater than three ounces per square inch (measured by the smallest surface on the payload).[1]
Also for larger balloons, any trailing antenna must break if subjected to an impact force of 50lbs, or the antenna must have colored streamers every 50ft.
The ideal measurement would be some sort of crash testing. eg: The payload is accelerated at some standard velocity towards some standard target that represents the weakest part of an airplane (either cockpit glass or leading edge of a wing) and must not damage the target beyond some threshold. But that seems like it would be expensive, since every change in payload would require re-testing. Limits on sectional density seem like a good compromise.
A reminder to those who presume regulators make the right decisions, a cheap ADSB out transponder would have prevented this incident, but putting one on a weather balloon is prohibited by the FAA.
An ADSB transponder, along with supporting electronics and battery will add to the weight of the aircraft. It makes it safer in one way, and less safe is another. This isn't quite the "slam dunk" you seem to believe.
Weather balloons already have restrictions on weight to minimize the consequences of collisions. The issue is that even if you can add a transmitter and meet the weight requirements, it's currently not possible to legally broadcast ADS-B data from a weather balloon.
They would need to increase the weight requirements if they're to add ADSB. Current ADSB transponders weigh as much as the entire weather balloon's package. Then add on the pounds of weight for batteries.
The uAvionix ping200X weighs 50 grams according to its datasheet.[1] With a 1.5W continuous power draw, a 60 gram lithium battery would power it for 8 hours, for a total of 110 grams. WindBorne balloons weigh 1.1kg at launch (including ballast), and the FAA limit for such balloons is 2kg.
The balloons likely already have batteries and GPS receivers. An extra radio and antenna would add a few grams of weight and tens of mW of power consumption. That could be well under one percent more weight.
It's much, much lighter than a radar reflector, which aircraft weather radar displays aren't even designed to display.
The FCC requires that airborne transmitters identify themselves by broadcasting the an FAA designator such as the aircraft registration number.[1] The FAA has no identification or registration process for small weather balloons. So this effectively prohibits them from broadcasting. It's possible to add a radar reflector, but they add significant weight and bulk to the balloon's payload. I think reflectors are only required for larger weather balloons.
I'm confused about where the prohibition is. N991SS is an example of an FAA aircraft registration number for a balloon; I looked it up myself on the FAA N-number inquiry site to confirm. Your link does not talk about balloons at all. Where does the FAA prohibit weather balloons here? It sounds like it's just physically not possible to carry a transponder or reflector on a small weather balloon? But that's different than what the earlier posts were suggesting. It seems like it's physics preventing ADS-B on small balloons, not the FAA. If you did manage to get ADS-B on your balloon somehow, could you not register the balloon like the owners of N991SS did?
That balloon has a payload of up to 55lbs, so it follows different rules. WindBorne balloons are 1.1kg including the initial ballast.
There are ADS-B transmitters that weigh 50 grams and would require 60 grams of batteries to power them for 8 hours, so payload limitations are not an issue for WindBorne.[1]
The CEO of WindBorne replied to a comment about the inability to use ADS-B on weather balloons saying, "Yea, the FAA does a lot and I think overall they do a great job, but I wish there was better systems for communications here."[2] So I'm reasonably confident that my understanding is correct.
Sorry to drive by, but weather balloons like Windborne produces are deployed for a lot longer than eight hours. Many are up for more than two weeks, some even exceeding a month.
Government regulators have NOT failed. The CEO already pointed this out - hitting the front windshield on a corner at cruise speed is the worst possible case for a collision like this.
Once pilot got some light shrapnel and the airplane successfully landed with zero deaths. This is such a rare collision that people attributed it to SPACE DEBRIS initially.
The only fix I'd like to see the government make is allowing lightweight objects to broadcast transponder data. Even if they don't do that, another 50 years will probably pass before the next collision of this type.
The problem is we don't have a garbage collection method to get rid of counterproductive or even insane regulations, so they build up into a choking plaque over time.
There is a mechanism for this, internationally usually named some variant of a Law Commission [0]. The idea is to look for laws that are technically in effect but can rarely or never be applied. For example, the UK Law Commission boasts a repeal of 3000+ acts in its time [1], such as repealing rules for conducting slave trades that were made obsolete in the 1800s but not repealed at the time.
In addition to the sibling comment's mention of the Congressional Review Act for agency oversight, there is a US Office of the Law Revision Counsel [2]. It has an official website [3] which is beautifully old-fashioned, but looks to be purely a resource for accessing the letter of the law and doesn't recount its volume of repeals in the same way.
None of this matters if the insane or counterproductive regulations are deliberate and desirable for the current lawmakers, of course.
An agency can remove a regulation it created.
Congress (via the linked law) can also remove a regulation.
Congress can also create regulations via legislation (though they typically don't go to that level of detail).
And we have to remember, at one point, every regulation that exists was created to solve a problem / prevent a harm. The cost of removing that regulation prematurely is reintroducing that problem / harm.
The problem is more about regulatory capture. An industry adapts to a regulation, and creates winners and losers. Once the regulation no longer makes sense (costs taxpayers/consumers more than it benefits), those who are winning from it have a strong interest in keeping it around anyway.
A good example is the state franchise laws against car manufacturers owning dealerships. Why can't Toyota sell me a car directly? Direct manufacturer sales seem to work fine in other contexts (e.g. Ikea). In Europe they're moving more and more direct sales. There's no good reason to keep them here in the US, but the dealership owners who benefit from these laws are the only people impacted directly enough to bother hiring lobbyists.
Agreed. And, IMO, the fix to regulatory capture isn't adding a mechanism to directly make deregulation easier. Instead, it's to (somehow) remove the money from politics/campaigning.
Half the legislature campaigns on not doing anything if they get elected, though, and when they get elected, you get... Well, you get a lot of different things, most of them awful.
This is polycrystalline diamond, which probably scatters phonons anyway, so it seems naively like using a single isotope wouldn't help much. But that's definitely an interesting fact and I think you're right that it probably wouldn't add much expense when the amount of material is so small.
I'm not sure that's too dominant? The thermal conductivity reported is close to the natural diamond, so increasing the conductivity of the individual microcrystals could still be significant.
I was skeptical of Extropic from the start, but what they've shown here exceeded my low expectations. They've made real hardware which is novel and potentially useful in the future after a lot more R&D. Analog computing implemented in existing CMOS processes that can run AI more efficiently by four orders of magnitude would certainly be revolutionary. That final outcome seems far enough away that this should probably still be the domain of university research labs rather than a venture-backed startup, but I still applaud the effort and wish them luck.