A significant risk with ZKPs is that they can make a lot of explicit control rules palatable by making the side effects much less extreme.
If a company can come up with a reasonable reason to check something, then a ZKP enables that check without wider harm to privacy. But it still gives the narrow harm to privacy that otherwise wouldn’t exist.
Put differently, privacy concerns have shielded us not just from surveillance, but also from powerful control. Control in the form of “you are only allowed X if you meet criteria Y”. With ZKPs, that shield of “why would I tell you enough information to determine Y” stops working. But those conditions on X are harmful more broadly.
Take the US border checks of Social Media. Are those more OK if all of a sudden there’s a ZKP you have to give of never having called Trump a cunt in any private message?
The attestor gives you a credential once. You can think of it as a dob (in e.g. days since 1900) with a digital signature.
Then when you want to access something age gated, you locally generate a proof that says “I have a credential signed by X, with DoB N, and N < CutOff date” where X and the CutOff date are public but the credential and the value N are hidden through the ZkP.
The attestor isn’t involved so doesn’t learn anything. The Verifier only learns the public information, and generally won’t be able to tell if two proofs are made with the same credential.
We definitely need identity attestation in some places. A basic example is when authorising tax return payments. Or when opening a line of credit. Also when getting e.g. a concealed carry license. And similar for government agents executing search warrants, tow truck drivers picking up cars, etc.
Identity attestation isn’t a bad thing per se. It’s just something that can be abused.
Our whole education system is setup as a skinner box for grades. People finding tricks for better grades are massively rewarded. Study methods are optimised for recall within a month. And educators are accountable only to the measured outcomes.
Very little of the designed system of education is aimed at teaching. Most of it is aimed at measuring and certifying. Treating students as adversarial grade maximisers will likely teach a lot of them they are expected to grade maximise adversarially.
This isn’t about keeping people from having the power of frontier LLMs. So tricks that let others have it aren’t a defeat of this policy.
This is export control, where the US government seeks to leverage the fact that these frontier models are US made. This is then leveraged against opponents, and likely also just for grift. There’s also perhaps a little legitimate worry about the implications of free access to, but that is secondary to the real goal.
There's a very strong podcast series about the common failure of Epidurals: "The retrievals" season 2, by serial productions.
I found it rather eye-opening. The series includes reporting on a conference of the Society for Obstetric Anesthesia and Perinatology (SOAP) where the professionals in this field also found it eye opening. (mostly episode 2)
I don't bring this up to say that actually Epidurals suck, just to bring attention to the fact that they can fail, and that the system has historically handled such failure really poorly, and that the system itself isn't very well aware of this issue. This isn't just opinion from some podcast, but also admitted by the professionals working within this field.
It's also something valuable to be aware of when you or your partner is planning to have an epidural, because there is real space (and even a need) for advocacy for the patient when an epidural fails and the woman giving birth is in excruciating pain.
Not vacuous, but tautological.
Which is different, because tautologies can actually be quite directly informative. Whereas vacuous truths tend to be oblique.
Also, “Microsoft is lying” is not a logically stronger statement, because they might be lying about something other than whether they distilled or trained on AI output.
It doesn’t fully guarantee that. But it guarantees you don’t have a huge class of bugs. And it makes concurrency a lot easier to reason about.
No system will likely ever guarantee that software does what you expect. That runs into the halting problem, and practically runs into a verbosity problem. But that doesn’t mean systems that give scoped guarantees aren’t amazing for building (and iterating on) reliable software.
Microsoft themselves won’t do that. They are already under severe scrutiny internationally for fear of the US using Microsoft as leverage. They don’t want to stoke those fears. Once they do something like this, everyone who has been saying “stick with Microsoft services, they are the cheapest option compared to doing it ourselves, and have the lowest business continuity risk” will lose that argument at the same time. That creates a massive and clear opportunity for credible competitors to rise up.
This type of action would be like Trump in Iran “I am do much more powerful than you, so submit or suffer the consequences” can trivially backfire, and really reduces the effectiveness of your power.
This is a rather strong analysis. And especially the point on behaviour change once market growth plateaus was new to me. Thanks!
I do want to nitpick on “unregulated free markets”. Because it’s almost an oxymoron. At least if one wants to rely on the theorems that prove free markets are best.
Those theorems assume a bit more than just a lack of regulation. They assume no information imbalance between parties. No ways outside of competition to keep out market entrants, and no collusion between market parties.
All of those assumptions, in order to approach them in the real world, really require some strong regulation.
Hence I would argue that the problem isn’t just the growth curve flattening, but also a US (and EU) halt to Trust busting. Massive weakening of consumer protection agencies, and a general weakening of regulatory agencies by e.g. court cases.
It’s not just that we need stronger regulation because tech companies reached a point in their lifecycle where they wish to exploit more, as you so clearly argued. On top of that, regulatory power has been pulled back.
If this removes people’s access to products (software licenses count as products here) someone payed fir once. Then you should only be allowed to do that if you enable people to continue using the product.
Releasing the server code should be a requirement. Software updates shouldn’t be required. Unless the product has a moment where it will stop functioning on the hardware it was build for built in (such as an expiring certificate).
This insider trading isn't hedge-funds working hard to get an edge. It's political insiders trading ahead of public statements. They are getting gains not by dint of being incredibly smart, nor from working very hard. Instead its from abusing their position in power. And by doing so in this manner, they are taking money away from the actual productive people trading in the futures market.
Besides, as Matt Levine often says. In the US, insider trading is a matter of miss-appropriating information when you have a duty of confidentiality. Its not about trading when you know more than someone else. Its about trading when you know something your not supposed to share.
And does it make sense that at least some people do want your identity before interacting with you?