Markets work best when rules are simple, easy to understand, and easy to enforce. The CFPB is seeking to move away from highly complicated rules that have long been a staple of consumer financial regulation and towards simpler and clearer rules. In addition, the CFPB is dramatically increasing the amount of guidance it is providing to the marketplace, in accordance with the same principles.
Abstract: The high energy costs of neural network training and inference led to the use of acceleration hardware such as GPUs and TPUs. While such devices enable us to train large-scale neural networks in datacenters and deploy them on edge devices, their designers’ focus so far is on average-case performance. In this work, we introduce a novel threat vector against neural networks whose energy consumption or decision latency are critical. We show how adversaries can exploit carefully-crafted sponge examples, which are inputs designed to maximise energy consumption and latency, to drive machine learning (ML) systems towards their worst-case performance. Sponge examples are, to our knowledge, the first denial-of-service attack against the ML components of such systems. We mount two variants of our sponge attack on a wide range of state-of-the-art neural network models, and find that language models are surprisingly vulnerable. Sponge examples frequently increase both latency and energy consumption of these models by a factor of 30×. Extensive experiments show that our new attack is effective across different hardware platforms (CPU, GPU and an ASIC simulator) on a wide range of different language tasks. On vision tasks, we show that sponge examples can be produced and a latency degradation observed, but the effect is less pronounced. To demonstrate the effectiveness of sponge examples in the real world, we mount an attack against Microsoft Azure’s translator and show an increase of response time from 1ms to 6s (6000×). We conclude by proposing a defense strategy: shifting the analysis of energy consumption in hardware from an average-case to a worst-case perspective.
Attackers were able to degrade the performance so much, and force the system to waste so many cycles, that some hardware would shut down due to overheating. Definitely a “novel threat vector.”
Seven and a half years ago, I wrote that RFC2616 is dead, replaced by RFCs 7230-5.
Now, it’s those specifications’ turn to be retired. The RFC is dead; long live the RFC!
The emergence of HTTP/2 and now HTTP/3 have made it clear that HTTP’s “core” semantics don’t change between protocol versions. For example, methods and status codes mean the same thing no matter what version of the protocol you use; with a few exceptions, the same can be said about header fields.
However, RFC7231 entangled the definition of these core semantics with the specifics of HTTP/1.1. Given the progression of new protocol versions, the HTTP Working Group decided that it would be better to have a clear, generic defintion of the versionless semantics of HTTP separated from the individual wire protocols that people use.
That led us to rearrange HTTP into three documents:
HTTP Caching - split into a separate document for convenience, but also versionless
HTTP/1.1 - everything that’s specific to that textual wire protocol
The revision of HTTP/2 and the brand-new HTTP/3 (based upon QUIC) are being simultaneously published and both rely upon the first two documents.
Beyond the refactoring described above, we also were able to address over 475 issues. Most of these were yet more clarifications of the text, but changes were also made to mitigate security and interoperability issues.
There were simplifications in terminology across the board (for example, we have a whole new set of terms to describe header and trailer fields), and a lot of rearrangement to make it easier to find relevant information.
HTTP field names now have their own registry to make them easier to track down. The operation of HTTP trailer fields was refined to make them more functional; time will tell if they get used more than they currently do.
In Caching, we made a number of updates to improve interoperability, including giving more nuance guidelines about how stored headers should be updated and refining how cache invalidation operates. Many of these changes were based on data we gathered from the HTTP caching tests.
Maybe. Both the Working Group and the editorial team really need a break.
However, I believe that when a protocol is important as HTTP, it needs constant maintenance and documentation improvements. Consider DNS in comparison; while there is interop in that community, that’s largely because there’s a group of “insiders” who know how the protocol really works, rather than good specification (although there are efforts to fix that, if only informally). Also, HTTP is implemented and directly used by a much broader community of developers.
History also indicates that if HTTP continues to serve people’s needs, we’ll need to refine and better document the corner cases as the protocol gets used for even more things and in new, interesting ways.
That means that you shouldn’t bother remembering the RFC numbers of the documents above; they only identify a version of the documents. The latest and most relevant HTTP specifications will always be listed on the HTTP Working Group Specifications page; I’d recommend using that as a starting point.
Thanks to my co-editors Roy and Julian, our Working Group chair Tommy, our Area Directors Francesca and Barry, and everyone who reviewed and commented on the documents; it’s been a lot of fun.
The Pentagon’s research arm is drawing inspiration from vascular systems in nature to develop new capabilities that can be integrated deep within crumbling or aging concrete of certain military structures and pavements to promote self-repair and extend their usability.
Decades-old structures like missile silos and naval piers and newer airfield pavements in expeditionary settings are vital to Defense Department operations, but they endure a great deal of deterioration and damage. No existing technology at this point offers nonstop crack-fixing far inside such marine or buried infrastructures, or prolonged repair of repeatedly used runways in austere environments.
Full proposals from potential partners interested in competing for funding and helping drive this biotechnology-based innovation are due June 17. Select participants will work with DARPA to engineer and operationalize “vascularizing effectors,” or what can be thought of as agents that form structures and connections way into in-decline concrete constructions to revamp them and improve their durability, similar to how vascular systems in nature move nutrients and support healing in living organisms and ecosystems.
“The broad agency announcement uses the terminology of ‘a vascularizing effector’ — and that is, so, we don’t prescribe that. The reason for that is because there could potentially be a variety of different approaches, and we don’t want to constrain the solution space,” explained Dr. Matthew Pava, a program manager leading this work for DARPA’s Biological Technologies Office (BTO).
That term and other elements of this program are being left somewhat open-ended early on, he noted, which sometimes makes sense for innovation-pushing pursuits with emerging and disruptive technologies. In a recent interview with FedScoop, Pava shed light on the roots of this nature-inspired program, the phases planned and how ethical implications will be addressed as it all unfolds.
From biotechnology to concrete
Much of DOD’s strategic facilities associated with shoreside and hardened terrestrial infrastructure were built in the 1940s and ‘50s. They’re also largely made of steel-reinforced concrete.
“A lot of the infrastructure dates from the mid-twentieth century to earlier, yet it still retains strategic and operational value today, and it’s likely to continue to do so in the future. And our ability to replace all of this on a short timescale is just not there,” Pava noted. “So, to that end, what we wanted to do on this program is to explore whether it’s possible to create a technology that can extend the longevity of extant infrastructure.”
Aside from this long-term issue of aging structural concrete, DOD officials also have to rapidly repair aircraft-supporting pavements in challenging conditions with limited resources, like after an attack.
Obstacles around preserving and permeating concrete with support, in both scenarios, exist related to transporting substances for crack healing and prevention throughout the three-dimensional bulk of cement material.
There isn’t applicable concrete-penetrating technology yet to address this, but in the 55-page BAA, DARPA officials note that many “biological systems solve this problem via vascular networks that are typically composed of filamentous structures.”
Such structures are typically elongated, thin and threadlike.
“There’s vascular systems in complex multicellular organisms like mammals — like us. We have the cardiovascular system that’s involved for moving blood, which carries a variety of different compounds for supporting metabolism and healing processes throughout your body, as well as removing waste. However, there are other types of vasculature that we see in other parts of nature,” Pava explained.
For instance, he noted, some Earth-based ecosystems have symbiotic relationships between organisms, such as those between filamentous fungi and plants, as well as other organisms like bacteria that reside in that environment. One function of those filamentous fungi, in this context, is to move material from what Pava said is essentially a “source to a sink.”
That sink is often a symbiotic partner of the fungus that supports the sort of mutualism between the two organisms.
“The interesting thing is some of these soil-dwelling filamentous fungi can be really large organisms — spanning many acres of land — and so they can move material quite some distance,” Pava explained. “So, that was kind of one part of the inspiration, and really what drove us to that was thinking about some of the challenges that you have in sustaining concrete infrastructure.”
Vasculature and infrastructure may seem totally inapplicable to one another, but not when considered through the lens of Pava’s expertise.
After earning a doctorate in neuroscience, he went on to serve as a postdoctoral fellow at the National Institute on Alcohol Abuse and Alcoholism. He founded and moderated a scientific interest group on chronobiology and sleep while at the National Institutes of Health (NIH), and then worked as a senior scientist in the Human Systems and Autonomy research area at Lockheed Martin’s Advanced Technology Laboratories, where he conducted DARPA-funded research.
There, his colleagues had a range of expertise — just not in biology. That, in Pava’s view, helped stretch his interests out beyond his carefully crafted academic niche. While at a conference with lab colleagues, he heard a discussion on concerns around DOD’s long-used facilities.
“And that really kind of sparked my interest. They specifically were talking about some of the challenges in aging concrete and some structures they were discussing. And I just sort of started to wonder, given that kind of expanded background of thinking about biotechnology more broadly than just medicine, could there be an application of biotechnology or a bio-inspired technology to address problems such as that?” Pava explained. “But it is not a linear train of thought to go from biotechnology to concrete.”
Not a perpetual motion machine
The bio-inspired effectors that Pava and his team want to help engineer and operationalize through BRACE will need to both “integrate deep within aged concrete to form a healing ‘vasculature’ for ongoing repair,” and also “combine with new concrete to increase the durability of airfield pavement repairs,” according to the BAA.
Consequently, this work is organized to be executed over two parallel program tracks. Participants will develop vascularizing technologies with a more long-term focus for buried, hardened or shoreside structures under the Strategic Track — and also those for rapid expeditionary airfield pavement repair use cases under the Tactical Track.
Approaches could involve rock-inhabiting microorganisms supporting repair, or other solutions.
“When we’re thinking about challenges on the Strategic Track, which is focused on largely steel-reinforced structural concrete, we’re thinking about crack propagation,” Pava said, noting that “if you’re talking about a large concrete element [it] can be quite distant.”
One difficulty associated with repairing dated federal infrastructure involves trying to gain access to the interior deep within such massive pieces of concrete, where some sort of healing substance could potentially then be driven in to fix them.
“To that end, for our approach we’re asking proposers to engineer a strategy that will form a vascular structure in concrete, exploiting the pores and cracks that one would anticipate in an aging piece of concrete to establish that vasculature and promote healing — and critically, once that vasculature is in place, continuing to promote healing over time, because you repair a piece of concrete and then over time, of course, it will continue to degrade. So, we’re looking for something that provides some prolonged functionality,” Pava said.
The Tactical Track is “focused on something that’s probably a fairly unique challenge in the DOD,” he added.
It homes in on “far-flung” airfields the military depends on in austere settings. When those assets in resource-poor and hard-to-reach places are attacked, traditional repair processes are tough to achieve.
“What we’d like to see is if we have a technology that can be applied to existing aged concrete to initiate a prolonged repair capability, can we kind of adapt that or develop a related technological approach that speeds up the time scale of a repair, such that we can extend the durability of repairs made in that austere expeditionary setting?” Pava said.
Another notable component of this research is that DARPA wants proposers to explore enabling and using “non-destructive evaluation approaches” to monitor the function of the embedded vasculature and concrete and ultimately ensure that it all does what it’s meant to as time progresses.
“[For] the people that are responsible for doing repairs, what we don’t want to do is create a technology that you apply to concrete — supposedly initiating a prolonged repair capability by integrating in-depth into material where you can’t see it — and then have people assume that everything is fine and lower their guard,” Pava explained. “So, we want a way that we can monitor the technology over time.”
Officials will essentially explore if the capabilities can be designed to not only fix damages in the concrete, but provide inspection data and other signals that can in turn be applied to novel models that could make predictions about the serviceability of the structure that has been vascularized, as time goes on. The idea is to help individuals fully grasp how they’ve extended structures’ longevity, but also pinpoint places in the concrete where the vascular repair process may not be working and needs further remediation.
“So can we build in facets of that technology that allow eventual users to capitalize on information that we can glean from it?” Pava said.
Multiple awards could be made under this BAA, and the amount of funding DARPA provides will ultimately depend on proposals received and resources available. Divided into three phases, the BRACE program will unfold over about 54 months or 4.5 years
Pava added that from a technical perspective, it’s important to agency officials that expectations remain realistic over that period.
“We aren’t really seeking to create a perpetual motion machine here. I mean, at some point in time, one would anticipate that you’re going to have to rebuild and recapitalize. But the goal here is to extend out the longevity of the serviceability of the infrastructure that we have now, so we have a longer window of time to use what we have, and then maybe thoughtfully replace it when and where needed across that window,” he said.
Demonstrations are anticipated at the end of each impending phase, but exactly where they will happen is also not yet determined. At this point, there’s a chance the demos could occur in mock experimental structures, actual government concrete structures — or a mix of both.
“We’ve built into the program planned regulatory milestones where performers are going to have to interact with regulatory bodies that would be appropriate for a field test in an actual structure. The ability to do those field tests is clearly predicated on the ability to obtain appropriate permitting. So, kind of within that framework, our goal, our hope at this moment in time is that we can proceed along that trajectory — we can do a trial in an actual aging structure to essentially show proof-of-principle can be used, that it is effective, and to de-risk additional studies that will be required to continue to assess sort of long-term efficacy of a solution that comes out of the research of this program,” Pava said.
Relatedly, he noted that an “unbiased, independent” panel of experts will “work with both the government side as well as performer teams to” comprehensively consider the ethical, legal and societal implications of the different types of technologies they engineer.
“This is something that we’re quite serious about, and it will be baked into the program as it moves forward,” Pava noted.