Scott Moore

Shrey Jain, Connor Spelliscy, Samuel Vance-Law et al.

AI-enabled tools have become sophisticated enough to allow a small number of individuals to run disinformation campaigns of an unprecedented scale. Privacy-preserving identity attestations can drastically reduce instances of impersonation and make disinformation easy to identify and potentially hinder. By understanding how identity attestations are positioned across the spectrum of decentralization, we can gain a better understanding of the costs and benefits of various attestations. In this paper, we discuss attestation types, including governmental, biometric, federated, and web of trust-based, and include examples such as e-Estonia, China's social credit system, Worldcoin, OAuth, X (formerly Twitter), Gitcoin Passport, and EAS. We believe that the most resilient systems create an identity that evolves and is connected to a network of similarly evolving identities that verify one another. In this type of system, each entity contributes its respective credibility to the attestation process, creating a larger, more comprehensive set of attestations. We believe these systems could be the best approach to authenticating identity and protecting against some of the threats to democracy that AI can pose in the hands of malicious actors. However, governments will likely attempt to mitigate these risks by implementing centralized identity authentication systems; these centralized systems could themselves pose risks to the democratic processes they are built to defend. We therefore recommend that policymakers support the development of standards-setting organizations for identity, provide legal clarity for builders of decentralized tooling, and fund research critical to effective identity authentication systems.

Jennifer Paykin, Eric Mertens, Mark Tullsen et al.

Weird machines---the computational models accessible by exploiting security vulnerabilities---arise from the difference between the model a programmer has in her head of how her program should run and the implementation that actually executes. Previous attempts to reason about or identify weird machines have viewed these models through the lens of formal computational structures such as state machines and Turing machines. But because programmers rarely think about programs in this way, it is difficult to effectively apply insights about weird machines to improve security. We present a new view of weird machines based on techniques from programming languages theory and secure compilation. Instead of an underspecified model drawn from a programmers' head, we start with a program written in a high-level source language that enforces security properties by design. Instead of state machines to describe computation, we use the well-defined semantics of this source language and a target language, into which the source program will be compiled. Weird machines are the sets of behaviors that can be achieved by a compiled source program in the target language that cannot be achieved in the source language directly. That is, exploits are witnesses to insecure compilation. This paper develops a framework for characterizing weird machines as insecure compilation, and illustrates the framework with examples of common exploits. We study the classes of security properties that exploits violate, the compositionality of exploits in a compiler stack, and the weird machines and mitigations that arise.