Etching AI Controls Into Silicon Could Keep Doomsday at Bay

CNAS says licenses could be issued by a government or international regulator and refreshed periodically, making it possible to cut off access to AI training by refusing a new one. “You could design protocols such that you can only deploy a model if you've run a particular evaluation and gotten a score above a certain threshold—let's say for safety,” says Tim Fist, a fellow at CNAS and one of three authors of the paper.

Some AI luminaries worry that AI is now becoming so smart that it could one day prove unruly and dangerous. More immediately, some experts and governments fret that even existing AI models could make it easier to develop chemical or biological weapons or automate cybercrime. Washington has already imposed a series of AI chip export controls to limit China’s access to the most advanced AI, fearing it could be used for military purposes—although smuggling and clever engineering has provided some ways around them. Nvidia declined to comment, but the company has lost billions of dollars worth of orders from China due to the last US export controls.

Fist of CNAS says that although hard-coding restrictions into computer hardware might seem extreme, there’s precedent in establishing infrastructure to monitor or control important technology and enforce international treaties. “If you think about security and nonproliferation in nuclear, verification technologies were absolutely key to guaranteeing treaties,” says Fist of CNAS. “The network of seismometers that we now have to detect underground nuclear tests underpin treaties that say we shall not test underground weapons above a certain kiloton threshold.”

The ideas put forward by CNAS aren’t entirely theoretical. Nvidia’s all-important AI training chips—crucial for building the most powerful AI models—already come with secure cryptographic modules. And in November 2023, researchers at the Future of Life Institute, a nonprofit dedicated to protecting humanity from existential threats, and Mithril Security, a security startup, created a demo that shows how the security module of an Intel CPU could be used for a cryptographic scheme that can restrict unauthorized use of an AI model.

Read the full story and more from Wired.