Practical advice for secure virtual communication post easy AI voice-cloning?
post by hmys (the-cactus) · 2024-08-09T17:32:33.458Z · LW · GW · 2 comments
This is a question post.
Contents
Answers 5 Gurkenglas 4 Brendan Long None 2 comments
So, I saw this video https://www.reddit.com/r/slatestarcodex/comments/1enq52b/a_clip_from_the_gpt4o_safety_card_where_the_voice/
And, I don't know the context, or if it is even real, but it seems believable on priors, and certainly something people could deliberately create with current technology. Still, the video gave me the spooks.
A few weeks ago, my aunt messaged my mother, encouraging her to sign up for a crypto exchange with a referral. They also had a few messages back and forth, with seemingly natural conversation. My mom (and this makes me somewhat proud, as my mom is not that technologically literate) asked me if this was an AI attempting to trick her. My dad was confident it was. I was (worryingly) not able to give her a straight answer. We called her on FaceTime, and she confirmed it was her, and that she had been told by her son (my cousin) to use it. Intellectually the video made me confident this wasn't an AI scheme, but even after that short video exchange, I had an uneasy feeling.
All this to say, I'm seriously considering setting up a secure physical system for making online communication with people I know deepfake-proof. Has anyone tried to do this?
The simplest solution I can think of is to take two pieces of paper. Write down the same 20 high-entropy sentences on each of them, numbered. Then give one of them to a partner. Then you can ask them for one of the sentences if you are suspicious, or they you. Afterwards you cross out the sentence you use.
This has the advantage of being watertight if you use a good source of randomness in generating the sentences, which is easy enough to get. It has the disadvantage of being limited in the number of sentences you can bother to write down. And also pieces of paper being easily lost/broken. I haven't tried, so I don't know if this would really be an issue. If you'd use the pad 20x/day, or only 2x/year.
Another solution is to have two Raspberry Pis computing the same hash function. Then you can tell the person you're speaking with "type in 158327 and click enter, what is the response?", then you can type in the number on your Raspberry Pi, and check if it is the same.
This has the issue that I don't know how to set up a Raspberry Pi, although I could probably learn pretty quickly. If the system breaks I'd have to travel to fix it, which would be a big hassle.
The biggest issue with both of these is that I'd imagine scams leveraging deepfakes would leverage stressful situations, where it'd be believable to not be able to use the one time pad, "HMYS!!! IM IN HONG KONG AND I LOST MY WALLET!!!! IM SCREWED, I NEED YOU TO HELP ME PAY FOR A PLANE TICKET BACK HOME AND TALK TO THE FINNISH EMBASSY SO I CAN GET MY ID. I DON'T HAVE MY ONE TIME PAD, I'M REALLY SORRY I KNOW I SHOULD USE IT IN SITUATIONS LIKE THESE BUT I LOST IT!!!!!!!"
This I don't know how to fix. One thought is to maybe fold it into a tiny piece of paper and put it in jewelry that could be worn.
Tell me if there is some obvious better way I'm missing.
Answers
You could probably use an OTP app for this.
- Alice generates a random OTP secret and adds it to her OTP app as "Bob".
- Bob adds the same OTP secret in his app as "Alice".
To confirm the other's identity:
- Alice asks Bob for the code his app is showing under "Alice"
- Alice confirms that her phone is showing the same code under "Bob"
- If Bob wants proof of Alice's identity, he can ask her for the next code to show up
I think this works similarly to your written down sentences, but you'll never run out. It has the same problem in situations where people don't have their stuff though (although your family is probably more likely to have their phone than a random piece of paper).
One piece of complexity is that OTP depends on the time, so if you're sufficiently de-synchronized the numbers won't align perfectly (although if Bob keeps reading off numbers, eventually one of them should show up on Alice's app).
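The shared-secret codes described in this answer, and the "two Raspberry Pis computing the same hash function" idea in the question, both come down to a keyed one-time code. The following Python sketch is an added example, not part of the original answer or post: it implements HOTP/TOTP as specified in RFC 4226 and RFC 6238 with the standard library, checks a spoken code with a small window for clock drift, and answers a spoken numeric challenge. `SHARED_SECRET`, `verify_spoken_code` and `challenge_response` are names assumed here for illustration.

```python
import hashlib
import hmac
import struct

# Constructed sample secret for illustration only. A real secret comes from a
# CSPRNG (e.g. secrets.token_bytes(20)) and is exchanged in person.
SHARED_SECRET = b"constructed-demo-secret"


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over an 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret: bytes, now: float, step: int = 30) -> str:
    """RFC 6238: HOTP where the counter is the number of elapsed time steps."""
    return hotp(secret, int(now) // step)


def verify_spoken_code(secret: bytes, spoken: str, now: float,
                       drift_steps: int = 1, step: int = 30) -> bool:
    """Accept the current code or one within `drift_steps` intervals of it,
    which covers the clock de-synchronisation the answer mentions."""
    current = int(now) // step
    candidates = (current + d for d in range(-drift_steps, drift_steps + 1))
    return any(
        hmac.compare_digest(hotp(secret, c).encode(), spoken.encode())
        for c in candidates if c >= 0
    )


def challenge_response(secret: bytes, challenge: int) -> str:
    """Keyed answer to a spoken numeric challenge such as 158327.
    Both devices hold `secret`; the challenge is used as the HOTP counter."""
    return hotp(secret, challenge)
```

A bare hash of the challenge with no secret mixed in could be computed by anyone who hears the number, which is why the challenge goes through HMAC here. Each challenge number should be used only once, for the same reason the paper sentences are crossed out after use.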
↑ comment by Viliam · 2024-08-10T11:04:52.651Z · LW(p) · GW(p)
You could probably buy an already existing hardware solution for OTP. There are these small things where you press a button and the display shows a seemingly random number... and they are usually authenticated against some computer system, but I wonder if there is also an option to buy an "entangled" pair that generates the same sequence of numbers.
Then there are the scams that will pretend that you lost the OTP device. For that purpose you would need a secondary solution, but that one will be legitimately required very rarely.
2 comments
comment by Error · 2024-08-09T21:55:19.081Z · LW(p) · GW(p)
In principle, you can solve this with gpg-signed messages (the message could be as simple as "yes, that's me you're talking to on the phone"). Anyone you give your public key to can verify anything you sign.
...the problem, of course, is persuading anyone else to use gpg. Good luck with that part. :-(
comment by noggin-scratcher · 2024-08-09T22:48:11.792Z · LW(p) · GW(p)
Even if there wasn't an AI voice clone involved, I'm still suspicious that someone was getting scammed. Just on priors for an unsolicited crypto exchange referral.