
Ahoy! Our community has become acutely aware of the need for skilled infosec folks to help out in all cause areas. The market conditions are that information security skilled individuals are in shorter supply than demand. This book club aims to remedy that problem.

I have been leading the Chrome Infrastructure Security team at Google for 3 years, have 11 years of infosec experience, and 24 years of career experience. My team’s current focus includes APT and insider defense. I built that team with a mix of folks with infosec skills—yes—but the team is also made up of individuals who were strong general software engineers who had an interest in security. I applied this book and a comprehensive, 18-month training program to transition those folks to infosec and that has been successful. Reading this book as a book club is the first 5 months of that program. So, while this book club is not sufficient to make a career transition to infosec, it is a significant first step in doing so.

The goal of this group and our meetings is to teach infosec practices, engineering, and policies to those who are interested in learning them, and to refresh and fill in gaps in those who are already in the infosec focus area.

Find the book as a free PDF or via these links. From the book reviews:

This book is the first to really capture the knowledge of some of the best security and reliability teams in the world, and while very few companies will need to operate at Google’s scale many engineers and operators can benefit from some of the hard-earned lessons on securing wide-flung distributed systems. This book is full of useful insights from cover to cover, and each example and anecdote is heavy with authenticity and the wisdom that comes from experimenting, failing and measuring real outcomes at scale. It is a must for anybody looking to build their systems the correct way from day one.

This is a dry, information-dense book. But it also contains a comprehensive manual for how to implement what is widely considered the most secure company in the world.

Audience

Any software engineer who is curious about becoming security engineering focused or anyone looking to up their existing infosec career path. It is beyond the level of new bachelor’s graduates. However, anyone with 3-ish years of engineering practice on real-world engineering systems should be able to keep up. A person with a CompSci master’s degree but no hands-on experience might also be ready to join.

Openness

Directed to anyone who considers themselves EA-aligned. Will discuss publicly known exploits and news stories, as they relate to the book contents, and avoid confidential cases from private orgs. Will discuss applicability to various aspects of EA-aligned work across all cause areas.

Format, length, time and signup

Meet for 1 hour on Google Meet every 2 weeks where we will discuss 2 chapters. ~11 meetings over 22 weeks.

The meetings will be facilitated by me.

The discussion format will be:

  1. The facilitator will select a theme from the chapters, in order, and then prompt the participants to offer their perspective, ensuring that everyone has ample opportunity to participate, if they choose.
  2. Discussion on each theme will continue for 5-10 minutes and then proceed to the next theme. Participants should offer any relevant, current news or applicability to cause areas, if time permits.
  3. The facilitator will ensure that discussion is relevant and move the conversation along to the next topic, being mindful of the time limit.
  4. Any threads that warrant more discussion than we have time for in the call will be taken to the Slack channel for the book club (see form below for invite) where participants can continue the discussion and ask more questions about specific implementation details and how to effect that change in an organization.

Dates & Time: Starting date: Saturday April 1, 2023 at 2PM PDT. (timezone conversion). We have core attendees signed up across US, UK and AUS currently; apologies if this does not overlap with your timezone.

Signup: Sign up here on this form to receive an invite to the Slack channel and add the event calendar (alternative iCal format) to your own calendar. Changes to schedule will be reflected there.

Special thanks to Wim van der Schoot for the impetus to organize this book club.

Comments (16)



Incredible way to contribute to the community! Do we have a new link for the PDF please?
(old link is broken)

Seems like a pretty incredible opportunity for those interested! What level of time commitment do you expect reading and understanding the book to take, in addition to the meetings?

Each set of two chapters we will read will take between 1-2 hours to read every two weeks. That's it.

Are you aware of the existence of EA Gather Town? An always-on virtual meeting place for coworking, connecting, and having both casual and impactful conversations.

It could be a good place to host the meetings.

Reading this book as a book club is the first 5 months of that program.

5 months of.. full time work? Something else?

 

If I understand correctly, the book club is 11 meetings, where each meeting is 1 hour of video plus 1-2 hours of reading beforehand.

I'm confused about how this adds up, almost to the point where I wonder if you were testing us on purpose ;)

This is the first 5 months of theory in the program. There's also practice and the new team members also shadowed security reviews. So, some self-practice and thinking about security exploits and applicability is expected to occur in parallel to the book club to get the full benefit.

I like this initiative! Just a suggestion: On the Google Form, it would help if the questions "Describe briefly your technical background" and "Describe briefly your involvement in Effective Altruism" were "Paragraph" inputs instead of "Short answer."

Fixed, thank you for noting.

Could you please share more details on which parts of the curriculum would be inaccessible to recent graduates? From the outline of the book alone, it's hard to estimate the level of technical depth needed.

Unfortunately, all of it. The discussion will be fast-moving and talk about reifying the abstract ideas into concrete, production systems and organization structure. It will be out of anyone's skill set who hasn't worked with real production systems and technical orgs for a few years.

Would it be possible to organise sessions in other timezones if there is demand for it? Like Europe, India,...

Yea, depending on success, we might split the next round in two to get global coverage.

Would also be interested how it went and if there are plans for a second round.

How did the first run go? Are you planning to do more groups?
