Intel CTO: Machines could ultimately match human intelligence

Will machines ever be as smart as humans? The notion of a technological "singularity," a time when machines match and surpass human intellect, has been popularized by thinkers such as inventor and author Raymond Kurzweil, who commonly cites Moore's Law in his arguments about the exponential growth of technology. Intel CTO Justin Rattner thinks that someday, they might.

Rattner's views on the singularity are sought after, given that he is CTO of the world's biggest chipmaker and the head of Intel Labs, the company's primary research arm. So yeah, at some point, assuming all kinds of advances and breakthroughs, it's not inconceivable we'll reach a point that machines do match human intelligence." Already, scientists are working on placing neural sensors and chips into the brain, allowing people to control prosthetic limbs with their own thoughts. In a recent interview with Network World, Rattner said he has "tried to sidestep the question of when [the singularity] might occur," but says machine intelligence is constantly increasing due to laws of accelerating returns, "of which Moore's Law is perhaps the best example." "There will be a surprising amount of machines that do exhibit human-like capabilities," Rattner said. "Not to the extent of what humans can do today, but in an increasing number of areas these machines will show more and more human-like intelligence, particularly in the perceptual tasks. This is likely to become a "relatively routine procedure" in a few years, Rattner said. Rattner's views are also held in high regard in the world of supercomputing, of course, and he will deliver the opening address at the SC supercomputing conference in Portland, Ore. in November.

Rattner said that while many commentators are preoccupied with the far-off singularity, he concerns himself more on how laws of accelerating returns "are real" and could lead to amazing advances in technology, including augmentation of the human body. "Assuming that interface technology progresses in an accelerating way, the possibilities of augmenting human intelligence with machine intelligence become increasingly real and more diverse," Rattner said. Nearly 80% of the world's 500 fastest supercomputers use Intel processors. But Rattner says the supercomputing industry is already looking forward to the era of the exaflop - 1,000 times faster than a petaflop. The world's first petaflop machines, capable of performing one thousand trillion calculations per second, came online just last year. Rattner says the fundamental technologies behind a future exaflop machine could be demonstrated by the middle of next decade, and - depending on government investment - the first exaflop machines could become operational in the second half of the decade.

You'd need a 500-megawatt nuclear power station to run the thing." The industry will have to move that number down to something practical, perhaps tens of megawatts, Rattner said. But this still depends on overcoming limitations in today's computing architectures. "Now that we've achieved petascale computing, there's all this interest in getting the next factor of 1,000," Rattner said. "But we can't get there with today's technology, largely because of power considerations. But the work is just getting started. "We've got a lot of really big engineering challenges," Rattner said. "Today, we just don't know how to get there."

iStockphoto guarantees its collection

Starting today, iStockphoto, the micropayment royalty-free image, video, and audio provider, will legally guarantee its entire collection from copyright, moral right, trademark, intellectual property, and rights of privacy disputes for up to $10,000. The new iStock Legal Guarantee, delivered at no cost to customers, covers the company's entire 5 million-plus collection. Recently however, Vivozoom, another microstock company, took a similar action to guarantee its collection. Additional coverage for an Extended Legal Guarantee totaling $250,000 is available for the purchase of 100 iStock credits. "Our first line of defense has always been-and continues to be-our rigorous inspection process," said Kelly Thompson, chief operating officer of iStockphoto. "The Legal Guarantee is simply an added layer of protection for our customers, many of whom are using microstock more than ever before." Although common for traditional stock houses, such legal guarantees have not been standard in microstock because of the low prices. iStock says that files purchased and used in accordance with its license will not breach any trademark, copyright, or other intellectual property rights or rights of privacy.

And, if a customer does get a claim, iStock will cover the customer's legal costs and direct damages up to a combined total of $10,000. iStock customers can increase their coverage for legal fees and direct damages up to a combined total of $250,000 by purchasing the Extended Legal Guarantee via the iStock credits (which costs between $95 and $138). iStock expects that this program will be popular with a very small percentage of sophisticated media buyers with very specific needs, and considers it to be a value-added service to customers rather than a major source of revenue.

SANS: Security Ignores the Two Biggest Cyber Risks

Two major cyber risks dwarf all others, but organizations are failing to invest in the proper tools to mitigate them, choosing instead to focus security attention on lower risk areas, according to a report released Tuesday by SANS Institute. Attack data for this research was drawn from TippingPoint appliances deployed at customer sites, while vulnerability data was collected via Qualys' scanning services. The research, which draws upon data collected from March to August 2009 from thousands of organizations, claims companies give insufficient attention to today's risks and put their systems in peril by continuing to maintain the status quo with an emphasis on operating system patches and other outdated protection methods. Also see 7 Reasons Websites Are No Longer Safe The most surprising conclusion may be that client-side application software vulnerabilities pose the largest threat to network security as opposed operating system vulnerabilities, which tend to get more attention when it comes to patching.

The report notes that most large organizations take at least twice as long to patch client-side vulnerabilities as they take to patch operating system vulnerabilities, choosing to place a higher priority on the lesser risk. SANS claims many spear-phishing attacks exploit vulnerabilities in commonly-used programs such as Adobe PDF Reader, QuickTime, Adobe Flash and Microsoft Office. "This is currently the primary initial infection vector used to compromise computers that have Internet access," the report states. In addition to unpatched client applications, SANS said the other priority for IT security now should be attention to web application vulnerabilities. The two risks, and their tendency to be low priority for security, create a perfect storm for infection. Web applications constitute more than 60 percent of the total attack attempts observed on the Internet, according to the report. "These vulnerabilities are being exploited widely to convert trusted web sites into malicious web sites serving content that contains client-side exploits," the report states. "Web application vulnerabilities such as SQL injection and Cross-Site Scripting flaws in open-source as well as custom-built applications account for more than 80 percent of the vulnerabilities being discovered." Despite the enormous number of attacks, and despite widespread publicity about these vulnerabilities, most web site owners fail to scan effectively for the common flaws and become unwitting tools used by criminals to infect the visitors that trusted those sites to provide a safe web experience, said SANS researchers. With so many Internet-facing web sites vulnerable, and so many applications that contain bugs, it makes it easy for attackers to take advantage of unsuspecting web browsers.

The victims' infected computers are then used to propagate the infection and compromise other internal computers and sensitive servers incorrectly thought to be protected from unauthorized access by external entities. When users visit a trusted site, they feel safe downloading documents, or simply opening documents, music or video which exploit client-side vulnerabilities. "Some exploits do not even require the user to open documents," the report states. "Simply accessing an infected web site is all that is needed to compromise the client software. In many cases, the ultimate goal of the attacker is to steal data from the target organizations and also to install back doors through which the attackers can return for further exploitation." Also see Drive-By Spyware The report's other conclusions include data that finds operating systems continue to have fewer remotely-exploitable vulnerabilities that lead to massive Internet worms. However, the number of attacks against buffer overflow vulnerabilities in Windows tripled from May-June to July-August and constituted over 90 percent of attacks seen against the Windows operating system. Other than Conficker/Downadup, no new major worms for OSs were seen in the wild during the reporting period, the report said. The research also finds rising numbers of zero-day vulnerabilities. "World-wide there has been a significant increase over the past three years in the number of people discovering zero-day vulnerabilities, as measured by multiple independent teams discovering the same vulnerabilities at different times.

Some vulnerabilities have remained unpatched for as long as two years."

Linux driver chief calls out Microsoft over code submission

After a kick in the pants from the leader of the Linux driver project, Microsoft has resumed work on its historic driver code submission to the Linux kernel and avoided having the code pulled from the open source operating system. The submission was greeted with astonishment in July when Microsoft made the announcement, which included releasing the code under a GPLv2 license Microsoft had criticized in the past. Microsoft's submission includes 20,000 lines of code that once added to the Linux kernel will provide the hooks for any distribution of Linux to run on Windows Server 2008 and its Hyper-V hypervisor technology. Greg Kroah-Hartman, the Linux driver project lead who accepted the code from Microsoft in July, Wednesday called out Microsoft on the linux-kernel and driver-devel mailing lists saying the company was not actively developing its hv drivers.

If they do not show back up to claim this driver soon, it will be removed in the 2.6.33 [kernel] release. HV refers to Microsoft Hyper-V. He also posted the message to his blog. "Unfortunately the Microsoft developers seem to have disappeared, and no one is answering my emails. So sad...," he wrote. They are not the only company." Also new: Microsoft forms, funds open source foundation Kroah-Hartman said calling out specific projects on the mailing list is a technique he uses all the time to jump start those that are falling behind. Thursday, however, in an interview with Network World, Kroah-Hartman said Microsoft got the message. "They have responded since I posted," he said, and Microsoft is now back at work on the code they pledged to maintain. "This is a normal part of the development process. In all, Kroah-Hartman specifically mentioned 25 driver projects that were not being actively developed and faced being dropped from the main kernel release 2.6.33, which is due in March.

On top of chiding Microsoft for not keeping up with code development, Kroah-Hartman took the company to task for the state of its original code submission. "Over 200 patches make up the massive cleanup effort needed to just get this code into a semi-sane kernel coding style (someone owes me a big bottle of rum for that work!)," he wrote. He said the driver project was not a "dumping ground for dead code." However, the nearly 40 projects Kroah-Hartman detailed in his mailing list submission, including the Microsoft drivers, will all be included in the 2.6.32 main kernel release slated for December. Kroah-Hartman says there are coding style guidelines and that Microsoft's code did not match those. "That's normal and not a big deal. But the large number of patches did turn out to be quite a bit of work, he noted. It happens with a lot of companies," he said.

He said Thursday that Microsoft still has not contributed any patches around the drivers. "They say they are going to contribute, but all they have submitted is changes to update the to-do list." Kroah-Hartman says he has seen this all before and seemed to chalk it up to the ebbs and flows of the development process. The submission was greeted with astonishment in July when Microsoft made the announcement, which included releasing the code under a GPLv2 license Microsoft had criticized in the past. Microsoft's submission includes 20,000 lines of code that once added to the Linux kernel will provide the hooks for any distribution of Linux to run on Windows Server 2008 and its Hyper-V hypervisor technology. Follow John on Twitter