[Ken Shirriff] Picks Apart Mystery Chip From Twitter Photo

April 25, 2021 by Matthew Carlson 24 Comments

It’s no secret that the work of [Ken Shirriff] graces the front pages of Hackaday quite frequently. He’s back again, this time reverse engineering a comparator chip from a photo on Twitter. The mysterious chip was decapped, photographed under a microscope, and subsequently posted on the internet with an open call to figure out what it did.

[Ken] stepped up, and at first glance, it was obvious that most of the chip is unused, and there appeared to be four copies of the same circuit. After identifying resistors and the different transistor types, [Ken] found differential pairs.

Differential pairs form the heart of most op-amps, and by chaining them together, you can get a strong enough signal to treat it as a logic signal. Based on the design and materials, [Ken] estimates the chip is from the 1970s. Given that it appears to be ECL (Emitter-Coupled Logic), it could just be four comparators. But there are still a few things that don’t add up as two comparators have additional inverted outputs. Searching the part number offered few if any clues, so this will remain somewhat a mystery.

We’ve covered [Ken’s] incredible chip sleuthing before here, such as the Sharp EL-8 from 1969.

Access An 8-bit Atari Through Twitter

October 11, 2020 by Bryan Cockfield 3 Comments

Building a retro computer, or even restoring one, is a great way to understand a lot of the fundamentals of computing. That can take a long time and a lot of energy, though. Luckily, there is a Twitter bot out there that can let you experience an old 8-bit Atari without even needing to spin up an emulator. Just tweet your program to the bot, and it outputs the result.

The bot was built by [Kay Savetz] and accepts programs in five programming languages: Atari BASIC, Turbo-Basic XL, Atari Logo, Atari PILOT, and Atari Assembler/Editor, which was a low-level assembly-type language available on these machines. The bot itself runs on a Raspberry Pi with the Atari 800 emulator, rather than original hardware, presumably because it’s much simpler to get a working network connection on a Pi than on a computer from the 80s. The Pi runs a python script that polls Twitter every two minutes and then hands the code off to the emulator.

[Kay]’s work isn’t limited to just Ataris, though. There’s also an Apple II BASIC bot for all the Apple fans out there that responds to programs written in AppleSoft BASIC. While building your own retro system or emulating one on other hardware is a great exercise, it’s also great that there are tools like these that allow manipulation of retro computers without having to do any of the dirty work ourselves.

Twitter: It’s Not The Algorithm’s Fault. It’s Much Worse.

September 26, 2020 by Elliot Williams 160 Comments

Maybe you heard about the anger surrounding Twitter’s automatic cropping of images. When users submit pictures that are too tall or too wide for the layout, Twitter automatically crops them to roughly a square. Instead of just picking, say, the largest square that’s closest to the center of the image, they use some “algorithm”, likely a neural network, trained to find people’s faces and make sure they’re cropped in.

The problem is that when a too-tall or too-wide image includes two or more people, and they’ve got different colored skin, the crop picks the lighter face. That’s really offensive, and something’s clearly wrong, but what?

A neural network is really just a mathematical equation, with the input variables being in these cases convolutions over the pixels in the image, and training them essentially consists in picking the values for all the coefficients. You do this by applying inputs, seeing how wrong the outputs are, and updating the coefficients to make the answer a little more right. Do this a bazillion times, with a big enough model and dataset, and you can make a machine recognize different breeds of cat.

What went wrong at Twitter? Right now it’s speculation, but my money says it lies with either the training dataset or the coefficient-update step. The problem of including people of all races in the training dataset is so blatantly obvious that we hope that’s not the problem; although getting a representative dataset is hard, it’s known to be hard, and they should be on top of that.

Which means that the issue might be coefficient fitting, and this is where math and culture collide. Imagine that your algorithm just misclassified a cat as an “airplane” or as a “lion”. You need to modify the coefficients so that they move the answer away from this result a bit, and more toward “cat”. Do you move them equally from “airplane” and “lion” or is “airplane” somehow more wrong? To capture this notion of different wrongnesses, you use a loss function that can numerically encapsulate just exactly what it is you want the network to learn, and then you take bigger or smaller steps in the right direction depending on how bad the result was.

Let that sink in for a second. You need a mathematical equation that summarizes what you want the network to learn. (But not how you want it to learn it. That’s the revolutionary quality of applied neural networks.)

Now imagine, as happened to Google, your algorithm fits “gorilla” to the image of a black person. That’s wrong, but it’s categorically differently wrong from simply fitting “airplane” to the same person. How do you write the loss function that incorporates some penalty for racially offensive results? Ideally, you would want them to never happen, so you could imagine trying to identify all possible insults and assigning those outcomes an infinitely large loss. Which is essentially what Google did — their “workaround” was to stop classifying “gorilla” entirely because the loss incurred by misclassifying a person as a gorilla was so large.

This is a fundamental problem with neural networks — they’re only as good as the data and the loss function. These days, the data has become less of a problem, but getting the loss right is a multi-level game, as these neural network trainwrecks demonstrate. And it’s not as easy as writing an equation that isn’t “racist”, whatever that would mean. The loss function is being asked to encapsulate human sensitivities, navigate around them and quantify them, and eventually weigh the slight risk of making a particularly offensive misclassification against not recognizing certain animals at all.

I’m not sure this problem is solvable, even with tremendously large datasets. (There are mathematical proofs that with infinitely large datasets the model will classify everything correctly, so you needn’t worry. But how close are we to infinity? Are asymptotic proofs relevant?)

Anyway, this problem is bigger than algorithms, or even their writers, being “racist”. It may be a fundamental problem of machine learning, and we’re definitely going to see further permutations of the Twitter fiasco in the future as machine classification is being increasingly asked to respect human dignity.

Community Testing Suggests Bias In Twitter’s Cropping Algorithm

September 23, 2020 by Lewin Day 77 Comments

With social media and online services are now huge parts of daily life to the point that our entire world is being shaped by algorithms. Arcane in their workings, they are responsible for the content we see and the adverts we’re shown. Just as importantly, they decide what is hidden from view as well.

Important: Much of this post discusses the performance of a live website algorithm. Some of the links in this post may not perform as reported if viewed at a later date.

The initial Zoom problem that brought Twitter’s issues to light.

Recently, [Colin Madland] posted some screenshots of a Zoom meeting to Twitter, pointing out how Zoom’s background detection algorithm had improperly erased the head of a colleague with darker skin. In doing so, [Colin] noticed a strange effect — although the screenshot he submitted shows both of their faces, Twitter would always crop the image to show just his light-skinned face, no matter the image orientation. The Twitter community raced to explore the problem, and the fallout was swift.

Continue reading “Community Testing Suggests Bias In Twitter’s Cropping Algorithm” →

This Week In Security: Garmin Ransomware, KeePass , And Twitter Warnings

August 7, 2020 by Jonathan Bennett 9 Comments

On July 23, multiple services related to Garmin were taken offline, including their call center and aviation related services. Thanks to information leaked by Garmin employees, we know that this multi-day outage was caused by the Wastedlocker ransomware campaign. After four days, Garmin was able to start the process of restoring the services.

It’s reported that the requested ransom was an eye-watering $10 million. It’s suspected that Garmin actually paid the ransom. A leaked decryptor program confirms that they received the decryption key. The attack was apparently very widespread through Garmin’s network, as it seems that both workstations and public facing servers were impacted. Let’s hope Garmin learned their lesson, and are shoring up their security practices. Continue reading “This Week In Security: Garmin Ransomware, KeePass , And Twitter Warnings” →

This Week In Security: Twitter, Windows DNS, SAP RECON

July 17, 2020 by Jonathan Bennett 8 Comments

Twitter just had their biggest security breach in years. Mike warned us about it on Wednesday, but it’s worth revisiting a few of the details. The story is still developing, but it appears that malicious actors used social engineering to access an internal Twitter dashboard. This dashboard, among other interesting things, allows directly changing the email address associated with an account. Once the address is changed to the attacker’s, it’s simple to do a password reset and gain access.

The bitcoin address used in the crypto scam ended up receiving nearly $120,000 USD worth of bitcoin, all of which has been shuffled off into different accounts. It’s an old and simple scam, but was apparently rather believable because the messages were posted by verified Twitter accounts.

A series of screenshots have been posted, claiming to be the internal Twitter dashboard used in the attack. More than a few eyebrows have been raised, as a result of that dashboard. First off, the fact that Twitter employees can directly change an account’s email address is asking for trouble. Even more interesting are the tags that can be added to an account. “Trends Blacklist” and “Search Blacklist” do call to mind the rumors of shadow-banning, but at this point it’s impossible to know the details. Motherboard is reporting that Twitter is removing that screenshot across the board when it’s posted, and even suspending accounts that post it. Of course, they’d do that if it were faked as well, so who knows? Continue reading “This Week In Security: Twitter, Windows DNS, SAP RECON” →

Today’s Twitter Hack Is New Take On “Nigerian Prince” Scam

July 15, 2020 by Mike Szczys 52 Comments

Don’t send bitcoin to celebrities… or to random people for that matter. This afternoon a number of high profile Twitter accounts were taken over, including Joe Biden, Bill Gates, Elon Musk, Apple, Jeff Bezos, and Kanye West, and the event appears to be ongoing. Each displayed a message saying they wanted to “give back” by doubling the bitcoin that they are sent. The messages all appear to have the same bitcoin wallet address.

This is reminiscent of the “Nigerian prince” scams, a form of advance-fee scam where an email asks for help with a small sum of money in order to obtain a larger sum. Those usually come in as spam emails which most people are wise to at this point. However, blindly following celebrities on Twitter may still deliver a good dose of naïveté when those platforms are misused.

Bitcoin transactions can be viewed publicly and this wallet is showing 11.8 BTC in and 5.8 BTC out in a total of 288 transactions. The net is roughly 6 bitcoin or $55k USD at the time of writing. Twitter’s response appears to have locked down all verified accounts from publishing new tweets. They retain the ability to retweet and delete existing tweets.

Main image screenshot sources: