Hacker News | colek42's comments

The voters and congress tell the military how to use technology, not Anthropic. Shifting the decision to Anthropic takes away power from the citizenship.

Edit: The point is, go vote if you don't agree with what the administration is doing. Somebody will sell the DoD whatever they want no matter what Anthropic does.


Say I own a spoon company. The government says "hey, I'd like to buy a million spoons from you!" I say "sure, sounds great." We sign a contract stating that I'll give them 1M spoons and they'll send me $1M.

Then the government comes to me and says "hey, actually, turns out we need 500,000 forks and 300,000 knives and only 200,000 spoons."

I say "no, we are a spoon company. Very passionate about spoons. Producing forks and knives would be an entirely different business, and our contract was for spoons."

The military now threatens to destroy my company unless I give them forks and knives instead of spoons.

You say "the voters and congress tell the military how to use utensils, not SpoonCo. Shifting the decision to SpoonCo takes power away from the citizenship."

The military can sign contracts if they wish! They can decline to sign contracts if they wish!

But private citizens can also choose whether to sign or not sign contracts with the military. Threatening to destroy their business if they don't sign contracts the military likes (or to renegotiate existing contracts in the military's favor) is a huge violation.


What percentage of voters do you think want the Pentagon to institute an AI-powered domestic mass surveillance program?

The poll linked in the article shows even Trump voters have <30% approval for the Pentagon’s actions here, so if the citizenship tells the military how to do things…

You might want to go look at the laws that were passed in the wake of WWII. The US could trivially nationalize Anthropic if they want to play games with a weapons technology.

This could kill the golden goose. There is a strong argument to be made that Anthropic has a leading model because of the principled people who built it, and I don’t see how they won’t leave, like many did to go to Anthropic from OpenAI and Google.

Forcing those people to make weapons to be used against citizens is nothing like the total war in WW2. Why wouldn’t the Pentagon just buy from another LLM supplier?


They would leave to what company? Microsoft? OpenAI? Grok? All those are defense contractors as well.

Now, if you said "the Deepseek" guys, that would be different.


Sounds like the voters and congress should buy from someone else then if this is what they want?

Bingo, DoD does not want Anthropic to set guardrails on the technology it buys. If they don't want to abide they are free to deny service. We all know how that will turn out for them with the current administration. All while the DoD will just move to another provider that WILL abide. The only power really lies in whatever our elected officials want to do. Take the responsibility seriously.

I'm sorry but the Pentagon already had a contract with Anthropic and is now threatening to use the supply chain risk law to essentially kill their entire company because they wanted to re-write the contract. They could easily just not sign the contract and move to a competitor. It's an incredibly disturbing and chilling move by the Pentagon...

The government is bound by its contracts. The government is not Darth Vader: "I am altering the deal; pray I don't alter it any further."

If voters had any say in how software services were delivered, Windows 11 would be such a s--t pile.

There is a name for a system of government whereby a ruling party dictates how industry should employ its property, and it isn't democracy.


We just built a new version of the witness run action that tracks the who/what/when/where and why of the GitHub actions being used. It provides "Trusted Telemetry" in the form of SLSA and in-toto attestations.

https://github.com/testifysec/witness-run-action/tree/featur...


When I saw the tj-actions attack, I decided it was time to finally implement action wrapping with our `witness-run-action`. This will generate signed attestations on exactly what the actions are doing.

We have some more testing to do before we cut an official release, but it is working correctly for the limited cases we have tested it with. I'd love this group's feedback.

https://github.com/testifysec/witness-run-action/tree/v1.0.1...


I've been thinking about this a lot. First, the author should replace security with compliance. Currently they are two different things. There is a huge divide between compliance teams and developers; they speak completely different languages. I'm writing an entire series about it. I do think we can fix the problem, but it is going to be a lot more work than it was to get development and operations on the same page.

https://productgovernance.substack.com/publish/posts/detail/...


We would love for you to talk about this at one of our in-toto community meetings. Let me know if you are interested. Contact info is in the comments, or feel free to stop by #in-toto on CNCF Slack.


Provenance is NOT injecting secret data into the build process. Provenance (scoped to supply chain security) is a document that describes the process in which the artifact goes through to become an artifact, to include all steps such as testing, GRC, etc.

in-toto is a great way to describe provenance. I talk about it in the CNCF blog article: https://www.cncf.io/blog/2023/08/17/unleashing-in-toto-the-a...

Disclaimer, I am a member of the in-toto steering committee and the CEO of a software supply chain startup, TestifySec. https://github.com/in-toto/witness is our project


The context here is signed build provenance, which does involve injecting a secret (or more accurately, some publicly verifiable credential that only an a priori trusted party can mint or otherwise issue for) into the context that the provenance belongs to.

You're right that provenance itself doesn't require this, but that is principally because it punts on the problem of authenticity. Whether or not authenticity matters probably depends on the value and scope of the provenance's use :-)


I think if we can sufficiently isolate the build process we can solve this problem. Lots of opportunity with our project Witness to add extra isolation. It is something we are working on. However, the real supply chain security "business problem" is just tracking everything in a standardized way. This is what the in-toto project helps with. I wrote about it here: https://www.cncf.io/blog/2023/08/17/unleashing-in-toto-the-a... We also wrote Witness and Archivista to help solve this problem. We have lots of work to do. https://github.com/in-toto/witness

Full disclosure, I am a member of the steering committee for in-toto and the CEO of TestifySec which is the main contributor to Witness.


How much experience do you have with embed? From small IoT white label like small business alarm systems to behemoths like Samsung... the only constant is they ship whatever and the lowest interns handle build


Step one is actually wanting to improve security. Those IoT companies have no motivator. Most of our business is with Federal/Defense and Finance. Those companies will only change if liability changes or the regulatory environment forces them to.


Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.


I think this type of attestation gets us part of the way there, however, the solution needs to be a bit more generalized to cover all the threats. At TestifySec we are working on an open source pluggable attestation framework with a rego policy engine for verification.

A review attestation (as proposed in this article) is pretty interesting and is an attestor I will probably add to our project.

I wrote some high level thoughts on attestation here: https://www.testifysec.com/blog/what-is-a-supply-chain-attes...


When you start doing security this way you end up chasing your tail. There are so many ways to mess it up.

There is a really good article that explains a different way of securing these systems through sets of attestations.

https://grepory.substack.com/p/der-softwareherkunft-software...


Start doing security what way, exactly? I defined a threat model and a mitigation. And it's pretty straightforward - a single keypair that ties environment variables to their deployment.

The article you linked to is about signing. It doesn't solve "I need to put an AWS key into the environment of a process".

