Fresh Thoughts #109: Are You Human? Part 1
- Newsletter
"Are you human?"
For some reason, this question has screamed out of my inbox and social feeds this week.
It is being posed as an anxious, reactionary question against AI.
The assertion being made is that there is a fundamental need to prove the content you are reading or watching was created by a human.
Or in the case of Sam Altman - OpenAI CEO and co-founder of Worldcoin - proof of personhood.
But does it matter if the content was created by a human or machine (AI)?
We manage the mix of human and machine creation daily.
In many areas, human-created is a luxury.
For example, a beautiful hand-crafted mug by Florian Gadsby will cost £60.
Whereas a similar machine-made mug from IKEA costs £3.
Twenty-times less.
The functionality is the same.
Yet the premium for human-created is 1,900%.
Like vinyl records and hard-backed books, human-created content will become a luxurious status symbol.
And let's face it - in most situations, does it matter if the content was created by AI or a human?
Does Proof of Personhood Matter?
Worldcoin assures us that proof of personhood does matter.
And offers two reasons why:
- Protecting against sybil attacks or online attacks from multiple pseudonymous identities generated by a single attacker
- Preventing the dissemination of realistic, AI-generated content intended to deceive or spread disinformation at scale.
If you are afflicted by these concerns - Worldcoin also offers a solution…
In summary:
- scan your eyeball - or, more accurately, your iris
- protect your scan with a zero-knowledge proof
- put your iris information on the blockchain
If you're wondering where you heard zero-knowledge proof before, it is the mechanism the LastPass password manager uses for security.
However, I must stress that the vulnerability and exploitation of LastPass are due to weak passwords rather than the maths behind zero-knowledge proofs.
Luckily, Worldcoin has the answer to this problem.
Scan your eyeball whenever you need to prove you're human.
Reading the Worldcoin whitepaper, it struck me that the entire project is a solution looking for a problem.
Moreover, looking at their proposition from a cybersecurity viewpoint, I'm not convinced this is a novel and new problem.
Existing Solutions to Known Cybersecurity Problems
We have existing solutions to the problems Worldcoin poses.
Their first justification is protection against Sybil Attacks - an attack where an individual creates multiple identities to increase their influence.
We all experience Sybil attacks daily.
Two immediate examples are:
- According to a 2014 Oxfam report, only 10 companies own most of the grocery brands on US shelves.
- Only last week, on World Book Day, my son had a workshop with the author Linda Chapman, who uses 10 different pen names to publish her work.
I could go on with examples of social media bot accounts and local or syndicated news outlets…
But the point is - that Sybil's attacks are part of everyday life.
Worldcoin's second justification is similarly flawed.
Consciously spreading realistic but deceptive information is simply an example of fraud. Again, this is something that, unfortunately, occurs daily.
While imperfect, there are many existing methods to counter this threat.
Final Thoughts
From a cybersecurity view - proof of human is not new. Although it is framed more broadly than the Worldcoin perspective.
Cybercrime and HR investigations rely on understanding who is the person behind the keyboard taking the action. Something that is not always straightforward to determine.
Next week, I will cover the difficulties law enforcement faces and the simple way to avoid problems in a business context.
March 12, 20243 Minutes Read
