The AI Daily Brief: Artificial Intelligence News and Analysis - Can Apple Intelligence Actually Protect Your Privacy?
Episode Date: June 11, 2024Apple’s recent AI strategy announcement at WWDC 2024 has sparked discussions about the balance between innovation and privacy. This episode dives into the key takeaways from Apple’s presentation, ...focusing on how “Apple Intelligence” aims to protect user privacy while offering enhanced functionality through Siri and new AI features. Explore the potential benefits and risks of Apple’s approach to AI and privacy. ** Join Superintelligent at https://besuper.ai/ -- Practical, useful, hands on AI education through tutorials and step-by-step how-tos. Use code podcast for 50% off your first month! ** ABOUT THE AI BREAKDOWN The AI Breakdown helps you understand the most important news and discussions in AI. Subscribe to The AI Breakdown newsletter: https://aidailybrief.beehiiv.com/ Subscribe to The AI Breakdown on YouTube: https://www.youtube.com/@AIDailyBrief Join the community: bit.ly/aibreakdown
Transcript
Discussion (0)
Today on the AI Daily Brief, a centerpiece of the new Apple intelligence strategy is privacy,
but are people buying their promise?
Before that in the headlines, is Kling the new SORA Killer?
The AI Daily Brief is a daily podcast and video about the most important news and discussions in AI.
To join the conversation, follow the Discord link in our show notes.
Welcome back to the AI Daily Brief Headlines edition,
all the AI Daily News you need in around five minutes.
Today we kick off with the new application that was absolutely,
dominating the conversation on Twitter slash X at the end of last week and over the weekend.
And that was, of course, the launch of Kling, a video generation app out of China that many were
calling a Sora Killer. There were about 10,000 threads like this one from Proper, featuring the
best creations that they had found, and a lot of them are really very impressive. There are a variety
of styles. There's a lot of action and motion in these videos. They have a lot of that hyper-realism
that impressed people about SORA when it was first debuted back in February.
There are natural landscape videos that really look like a video was taken,
and even the more imaginative things like this flaming horse here,
seem real, for lack of a better word.
People engaged in motion are also rendered incredibly well.
Overall, it's very impressive,
especially considering where we were just a year ago with Will Smith eating noodles.
DeCrypt writes, Sora Who?
Kling is the new AI video generator everyone is talking about.
Hailing from China, they write,
the Kling AI video model is a potential game changer, blasting past mainstaysays like
Pika or Runway-ML.
Decript writes that Kling was developed by Kui Shu, a Chinese tech giant that competes with
TikTok, that it can generate videos of up to two minutes long, at 1080p resolution and 30
frames per second, and importantly that it seems to avoid common pitfalls, like adding
extra limbs to humans.
They write, like SORA, Kling has a better understanding of real-world physics, allowing
for more accurate simulation of physical interactions between objects.
It's also designed to accurately follow prompts and create sequences of shots
with multiple views allowing for more complex and dynamic videos.
Now, a lot of the Twitterati jumped in to call this a SORA killer.
And while people pointed out that that was mostly hyperbole,
the reality is that SORA isn't released yet.
As amazing as the model seems,
so far it's only been select Hollywood partners
that have been able to actually get access to it.
We're not exactly sure how much this is a business model question
because of the high cost of generating these types of videos
versus a strategic question
of trying to deal with the concerns of Hollywood
by cutting them in on the early stages of the technology.
But in either case,
it's not surprising that people are jumping to the conclusion
that the thing that exists
is better than the thing that they don't have access to.
So until SORA is actually available to users,
you're going to see more of this sort of rhetoric.
There are also some really interesting geopolitical implications
around what this says about China
and how close it is to US state-of-the-art when it comes to AI,
but that we will save for a different show.
Next up from the somewhat unexpected files,
Canadian Prime Minister Justin Trudeau recently talked about AI on a podcast and was a bit more
accelerationist than you might have thought. Let's listen to what he had to say.
I don't think there's much we're going to be able to do now to prevent what's going to happen
down the line. I mean, obviously we need to be setting up the right kinds of parameters and
maximizing our chance that good and thoughtful people are engaged in creating with the right
kinds of parameters around it. But there's no question that this technology is going to get more
and more powerful. But the idea that we might end up with a sentient computer that will decide
that the greatest threat to human beings, if that's our job, is to protect human beings,
is other human beings and suddenly, you know, makes drastic social change. Yeah, that is sort of
dystopian science fiction. I think there are ways we need to be responsible about how we manage and
how we build in those expectations from now. But I also think that AI for good is going to be one of the
most powerful tools we have to counter the AI for bad that is going to be created by bad guys out
there and therefore easing off or saying, okay, well, let's slow this down because we don't
understand all the consequences is probably not the right track, even though I can understand how
appealing that would be to people. No, let's just figure it out and keep making sure that
that those of us who have what we consider to be positive values and thoughtful approaches that are
benevolent or at least looking for positive outcomes are fully in the game with every new step of
technology. This definitely confirms to me that we are seeing a shift among a lot of Western elected
officials when it comes to questions of AI safety. It follows from the recent roadmap that
was released by Senate Majority Leader Chuck Schumer and other senators that really focused much more
on questions of AI competitiveness than it did on questions of AI safety and AI risk.
Speaking of governments and AI competitiveness, in another indication of how fast the Middle East
and specifically Gulf states are moving when it comes to AI, Dubai has appointed 22 chief AI
officers across various government entities. Basically, there is a new AI officer in every department
of government that is charged with figuring out how to bring AI into that particular area.
Lastly, today, some code sleuths are suggesting that XAI, the makers of GROC might be working on image
generation, so maybe we will see the ability to create images natively integrated into Twitter
slash X soon. That, however, is going to do it for today's AI Daily Brief Headlines edition.
Next up, the main episode. Today's episode is brought to you by Fractional. Fractional AI is my
go-to AI Devshop. When we wanted to build an AI product feature for our company Super
Intelligent, we hired Fractional because they're some of the best and fastest AI engineers on
the planet. The feature they built turned out great. It's already been released. And I'm about
to hire them for another project, so I highly recommend them to anyone looking to build AI
product features and workflow automations. The Fractional team is a group of senior engineers
in San Francisco working on some of the most exciting projects in Applied AI. They work with everyone
from startups all the way through the Fortune 500. To request a free consultation, head to
fractional.aI. If you want help identifying and building AI projects for your business,
then I highly recommend that you go check them out. Hit pause on the show, open a web browser,
go to fractional.a.i and get your free consultation. Today's episode is brought
to you by Super Intelligent. Regular listeners know that Super is our platform for helping people learn
how to actually use AI tools. These are not long, laborious courses. These are fun, fast tutorials
that get you actually using the world's most interesting and useful AI tools within minutes.
If you want to build a web application with no code, we've got tutorials for that. If you want
your presentations to look better than ever and take you less time than ever, we've got tutorials
for that. If you want help brainstorming, writing social media copy,
and just generally working smarter, faster, and better, we've got tutorials for that.
We've worked really hard to make it so that there is no better place on the internet to learn how to
actually put AI to work for you, and I'd love for you to check it out.
Go to besuper.a.i and use code podcast for 50% off your first month.
Once again, that's besuper.a.i.
Welcome back to the AI Daily Brief.
Today, we are getting the day two reactions after Apple's big Apple intelligence announcement,
which is, of course, its AI strategy finally revealed.
The TLDR on the whole presentation is that Apple is very much courting a normie audience.
They are focused on a story about AI that is all about simple utility for day-to-day functioning,
saving you time, making things easier, making things just work better.
The centerpiece remains Siri, which finally kind of looks like it might act the way that people would expect it to.
It's going to be able to take actions on people's behalf and plug into the entire suite of apps,
pushing us towards a mode of human-computer interaction where everything is mediated by a single assistant app.
Part of the way that it is able to do that is because it has all of what Apple calls our personal context.
It can read our email, see what we're looking at on screen, go into any of the applications we've authorized and pull data from there.
And if that sounds like a privacy boondoggle to you, you are not alone.
In fact, Apple knew that this was going to be a central question and spent a huge amount of their presentation focused on privacy.
On their Apple Intelligence preview page, a headline reads,
Great Powers come with great privacy.
Apple Intelligence is designed to protect your privacy at every step.
It's integrated into the core of your iPhone, iPad, and Mac through on-device processing.
So it's aware of your personal information without collecting your personal information.
And with groundbreaking private cloud compute,
Apple Intelligence can draw on larger server-based models running on Apple Silicon
to handle more complex requests for you while protecting your privacy.
So this private cloud compute is a big part of what Apple is selling to us here.
We knew that they were going to offer a lot on device so they could get access to that information without storing it anywhere,
but Private Cloud Compute is their new approach for dealing with issues that require more computation than is available on device.
They say of Private Cloud Compute that your data is never stored, that it's used only for your requests,
and that there is a verifiable privacy promise.
Today we're going to be talking about this privacy question,
and whether Apple can thread this very difficult needle between we protect your privacy,
but we're looking at everything about your life as well.
coverage in media has mostly been positive, or at least giving Apple the benefit of the doubt.
Ars Technica points to a publicly reviewable server code as the way that Apple says that experts can
verify the privacy promise. Fast Company writes that Apple's commitment to data privacy could pay off
big with its AI. They say whereas customers of other AI companies may not trust that AI systems
won't leak their data or use it in unauthorized ways, they're likely to trust Apple.
The idea here being, of course, that this is not a new position for Apple, that they have focused
on trust at the center of their brand for more than a decade now, which was of course
enabled by the fact that they didn't need to use users' data to sell it to advertisers for their
business model to work.
Bill O'Al-Sidhu, the host of the new TED Talks AI show, pointed out that people's initial
reaction was positive.
He tweeted, Apple's reality distortion field is strong.
It's kind of wild that with semantic index, Apple is basically doing what Microsoft wants to do
with AI recall and copilot and without any of the other Big Brother backlash.
Semantic index means all your private content, messages, emails, photos,
videos, calendar events, screen context, etc., is processed and can be queried by AI models.
It's basically Apple's version of AI recall.
Get iOS 18 and you're opted into these AI features by default.
But it comes with a great Apple privacy narrative.
Meanwhile, Microsoft fumbled the ball talking about intermittent screenshots and photographic memory, lull.
Bidlis then goes on to ask a couple of questions.
Is it possible to opt out of these features?
How much of the semantic index is generated locally versus in the cloud?
How much of the semantic index to third-party providers get access to when you send a query?
and is user data used to improve Apple's AI models.
He later followed up with a positive assessment of the private cloud compute.
He tweeted,
Apple's private cloud computing actually takes confidential computing to the next level.
It's so secure that they can't even comply with law enforcement requests.
No data retention, unlike every other cloud provider.
No privileged access.
Even Apple SREs can't see your data even if they wanted to.
Custom hardware and operating system.
Non-targetability.
And verifiable transparency that allows researchers to inspect software images
to check assurances and find issues.
He says, seems like Apple has been working on this well before the Gen AI project,
presumably for cloud processing of sensitive data off AR glasses.
So barring getting hardware access, in which case RIP, no matter if it's in the cloud or your phone,
Apple has set the new standard for privacy in the cloud.
However, this was far from the only take.
Maybe the most viewed take on this whole issue was when Elon Musk tweeted,
if Apple integrates OpenAI at the OS level, then Apple devices will be banned at my companies.
That is an unacceptable security violation.
That tweet was viewed 66.7 million times.
Elon continued,
visitors will have to check their Apple devices at the door
where they will be stored in a Faraday cage.
Later, he also tweeted,
it's patently absurd that Apple isn't smart enough to make their own AI,
yet is somehow capable of ensuring that OpenAI
will protect your security and privacy.
Apple has no clue what's actually going on
once they hand your data over to OpenAI.
They're selling you down the river.
That one got 27.6 million views,
but it also did get community noted.
With the community adding,
Apple has developed their foundation models
which run on device locally and have approximately 3 billion parameters.
For tasks that require more compute, Apple uses either private cloud compute, open to verify for privacy,
or OpenAI, with an additional confirmation.
The information Pimp points out the skepticism that many people have of Elon's posting,
writing Elon has posted 24 times today about the Apple and Open AI thing, which is insanely funny.
He's presenting it as a privacy concern, but we all know he's malding over the fact that no one uses GROC.
But to be fair, Elon isn't the only one with some concerns.
Carla Ortiz writes,
Apple intelligence is here and zero questions of where does the data come from to be seen in the press.
Apple is trying to shove a huge privacy risk in tech that screams scraped out the internet without consent to the public.
And even people who support Apple noted that this question of privacy is going to be a big one
when it comes to how successful this launch is.
Stevensonovsky of A16Z optimistically writes,
with on-device computing and privacy features,
Apple could have a whole new cachet and appeal for consumers.
Although he then points to the fact that market actor seems skeptical with Apple shares falling 2%.
which was their worst performance on the day of a WWDC keynote in 11 years.
But what do actual security experts think?
Matthew Green, who teaches cryptography at Johns Hopkins, wrote a long thread,
which I'll read a big excerpt from here.
Matthew says,
So Apple is introduced a new system called Private Cloud Compute
that allows your phone to offload complex tasks to specialize secure devices in the cloud.
I'm still trying to work out what I think about this.
Apple, unlike most other mobile providers,
has traditionally done a lot of processing on device.
For example, all of machine learning and OCR text recognition
on photos is done right on your device. The problem is that while modern phone neural hardware is
improving, it's not improving fast enough to take advantage of all the crazy features Silicon Valley
wants from modern AI, including generative AI and its ilk. This fundamentally requires servers.
But if you send your tasks out to servers in the cloud, this means sending incredibly private
data off your phone and out over the internet. That exposes you to spying, hacking, and data-hungry
business models of Silicon Valley. The solution Apple has come up with is to try to build secure
and trustworthy hardware in their own data centers. Your phone can outsource heavy tasks of this
hardware. Seems easy, right? TLDR, it is not easy. Building trustworthy computers is literally the
hardest problem in computer security. Honestly, it's almost the only problem in computer security.
But while it remains a challenging problem, we've made a lot of advances. Apple is using almost all
of them. The first thing Apple is doing is using all the advances they've made in building secure
phones and PCs in their new servers. This involves using secure boot and a secure enclave
processor or SCP to hold keys. They've presumably turned on all the processor security features.
Then they're throwing all kinds of processes at the server hardware to make sure the hardware is
and tampered with. I can't tell if this prevents hardware attacks, but it seems like a start.
They also use a bunch of protections to ensure that software is legitimate. One is that the software
is stateless and allegedly doesn't keep information between user requests. To help ensure this,
each server node reboot, re-keys, and wipes all storage. A second protection is that the operating
system can attest to the software image it's running. Specifically, it signs a hash of the software
and shares this with every phone and client. If you trust this infrastructure, you'll know it's
running a specific piece of software. Of course, knowing the phone is running a specific piece of software
doesn't help you if you don't trust the software. So Apple plans to put each binary image into a
transparency login and publish the software. But here's a sticky point, not with the full source code.
Security researchers will get some code in a VM they can use to run the software. They'll then have
to reverse-engineer the binaries to see if they're doing unexpected things. It's a little suboptimal.
When your phone wants to outsource a task, it will contact Apple and obtain a list of servers
and nodes in their keys. It will then encrypt its request to all servers, and one will process it.
They're even using fancy anonymous credentials in a third-par relay to hide your IP.
Okay, there are probably half a dozen more technical details in the blog post.
It's a very thoughtful design.
Indeed, if you gave an excellent team a huge pile of money and told them to build the best private cloud in the world,
it would probably look like this.
But now the tough questions.
Is it a good idea?
And is it as secure as what Apple does today?
And most importantly, can users opt out entirely from this feature?
I admit that as I learned about this feature, it made me kind of sad.
The thought that was going through my head was, this is going to be too much of a temptation.
you can safely outsource tasks of the cloud, why bother doing them locally outsource everything?
As best as I can tell, Apple does not have explicit plans to announce when your data is going off
device for private compute. You won't opt into this. You won't even necessarily be told it's
happening. It will just happen magically. I don't love that part. Finally, there are so many invisible
sharp edges that could exist in a system like this. Hardware flaws, issues with the cryptographic
attenuation framework, clever software exploits. Many of these will be hard for security researchers
to detect. That worries me too. Wrapping up on a more positive note, it's worth keeping in mind that
sometimes the perfect is the enemy of the really good. In practice, the alternative to on devices
ship private data to open AI or someplace sketchier, where who knows what might happen to it.
And of course, keep in mind that super spies aren't your biggest adversary. For many people,
your biggest adversary is the company who sold you your device and software. This private cloud
compute system represents a real commitment by Apple not to peek at your data, and that's a big deal.
In any case, this is the world we're moving too. Your phone might seem to be in your pocket,
but a part of it lives 2,000 miles away in a data center. As security folks, we probably need to
get used to that fact and do the best we can to make sure all parts are secure.
El CamTuff summed up, three things can be simultaneously true. It's a major improvement from the
infrastructure security standpoint. It doesn't confer any bulletproof assurances to you the
consumer, and it's a step back if it blurs the PR line between keeping your stuff local and in
the cloud. Ultimately, as Matthew says, this is the world we're heading into. I think all of these
questions are important. Otherwise, why would I cover it on a full show? But I think ultimately when
it comes to consumers, it's going to be a lot of hand-wringing. Now, if anything can make them take
seriously the questions of privacy, it will be generative AI given how much discourses around data
and privacy in the public sphere. But so far when it comes to the trade-off between convenience and
privacy, it's very clear which one most consumers make. As Simon Willison puts, some of the backlash
I'm seeing against Apple is reinforcing my opinion. The hardest problem in computer science continues to be
convincing an AI skeptic that you're not going to steal their data and train an AI model on it.
Apple is betting that if anyone can do that, it's them.
That is going to do it for today's AI Daily Brief.
Until next time, peace.
