Data and Models
Using an extended computer analogy to show you what’s going on in your head
Laptops and Four Function Calculators
What’s the difference between your laptop and a four function calculator? What makes your laptop so much more useful than a four function calculator?
A four function calculator is limited in its functionality, literally, to four different functions — addition, subtraction, multiplication, and division. Your laptop has seemingly infinite uses. In addition to basic arithmetic, it can run games, play videos, display email, process Microsoft Word documents and so on and so forth. The only real constraints, it seems, on what your computer can do are its specs and what software applications are available to download.
What’s the difference between the two, then, that allows your laptop to do all the things it does? Both are technically computers because they compute and the circuits inside both use the same set of components (NAND gates, transistors, etc). What conceptual difference accounts for the difference in functional possibilities?
Let’s think of a computer as a combination of a processing unit and a memory unit. The processing unit does the computation work and the memory unit stores the data that is needed for the computation work, as well as the result.
A four function calculator takes the data stored in its memory unit (your input), computes on it, and writes this data back to the memory unit (and back to the screen for you to see).
A laptop (or any other general-purpose computing device) also takes the data stored in its memory unit, computes on it, and writes this data back to the memory unit. The difference between the two is that a laptop’s processing unit will look for instructions and data in its memory unit while the calculator’s processing unit will only look for data in its memory unit. (The instructions for a four function calculator are hard-coded in the circuits of the processing unit.) This means that the laptop can be programmed by writing instructions to memory and then pointing the processing unit at the set of instructions. If a laptop is a child that can be taught to do new things (programmed), a four function calculator is a one trick pony (or, in this case, a four-trick pony).
From here on out, we’ll refer to a set of instructions as a “program” or “application”.
When you buy a laptop, you aren’t interested in writing out the instructions for every single program you use. That would be a waste of time since these programs (or applications) have already been written by other people and are available elsewhere. So, instead of writing your own word processor from scratch, you download Microsoft Word. Instead of writing your own internet browser from scratch, you download Google Chrome, and so on and so forth.
Each program that you download makes your computer more useful to you if that program does something you want. I say this because you can also download programs that have malicious intent (malware i.e. malicious software) or that don’t have malicious intent but still cause unwanted effects (example). So the ability to interpret data as instructions enables the laptop to do so many different things, but it also makes it vulnerable to exploitation from programs that work against the user’s interests. General-purpose computing is a double-edged sword.
The Human Version of Malware
In this extended analogy, people are best described as a combination of two things: their interests (i.e. needs and wants) and a general purpose computing ability. Just like laptops, people have the ability to remember things, process things they remember, and act accordingly. They also have the ability to follow instructions stored in memory, just like laptops do. A good example is the classic “tell somehow how to do something and watch them do it”.
Since humans and laptops both have general purpose computational abilities, they are vulnerable in the same way. If laptops are vulnerable to malware, humans are vulnerable to their version of malware. And, if there are ways of preventing and removing malware from laptops, there are also ways of doing so for the human version of malware as well.
What is Malware?
People call software malware when it actively works against their interests. In other words, the malware designation is a reflection of the people using the computer not any inherent quality of the software itself. All software is essentially the same — a set of instructions. Whether it’s effects align with the user’s interests or not is what determines whether it’s malware.
What is the Human Version of Malware?
In order to answer this, we need to first answer the question, what is the human version of software?
Let’s start with the simplest “human software” and work our way up. Instincts, reflexes, and automatic actions like breathing are at the bottom. These programs are hard-wired directly into our nervous system, either in the spinal cord or the oldest parts of our brain (e.g. brainstem, thalamus) and run without us being aware of them. You have very little or no conscious control over them and cannot change these programs.
For those of you who are familiar with computer architecture, instincts, reflexes, and automatic actions are like the read-only firmware that runs when a computer starts (BIOS, UEFI).
Next you have programs for emotional processing, kinesthetic coordination, sensory processing, long-term memory formation and hormone regulation. These programs are handled by the part of the brain called the limbic system. These programs are not hard wired directly into your nervous system but come with strong defaults. Changing these defaults takes many repetitions and happens gradually, as in the case of conditioning.
The best analog for the limbic system for computers is the Operating System.
At the very top you have programs for abstract reasoning, perception, decision-making, and language processing. These programs are run by the neocortex, the newest part of the brain (evolutionarily speaking). You start out with a few pre-installed programs, like those for language acquisition, but many of the programs you will use in your lifetime will be learned. The process of learning here is quick, and because of this, there is a lot of flexibility here in what programs you install and uninstall. These are the types of programs that we are mainly concerned with when dealing with human malware since they usually originate from an outside source and are very easy to install.
These programs are like the software applications on your laptop. Some of these come pre-installed, like “Settings” or “System Utilities”, but the majority of the ones you end up using are downloaded from the App Store or the internet, like Google Chrome or Microsoft Word. Installing and uninstalling these programs is easy and happens frequently.
Human malware is any model that doesn’t serve the interests of the host. Malware usually operates by directing the resources of its host in service of an outside entity. For computers, the main resources in question are compute power and sensitive information. For people, the main resources are time and energy.
The presence of malware is easy to detect on computers because the malware can’t infect the laptop owner, so it can’t hide itself by modifying the interests of the laptop owner. With people, the interests and compute power reside in the same place (the nervous system), so malware not only redirects resources, it can also influence the interests of the host in a way that makes the host actually want to do what the malware is doing.
The human version of a computer program is best described as a “model”, in the sense that it models something. Both a model and a computer program take a stimulus as input and take action of some kind. The difference here is malleability of a model — it changes as new data comes in in order to better model whatever it is it’s trying to model. If you’re familiar with machine learning models, human models are almost exactly the same thing.
A model has two components: it’s assumptions and the data it’s trained on. The assumptions provide the conceptual framework for interpreting the data, and the data is what the model tries to model. Both affect the behavior of the model and are vulnerable to exploitation.
Dealing with Human Malware
Let’s start with the motivation, because this is not a pleasant process: Why do I care if there’s malware in my brain? I’m doing fine as it is, why do I need to root out and remove some so-called “malware” from my brain if there aren’t any negative side effects?
Because your time and energy is being directed in the service of some outside entity that doesn’t have your interests in mind (some company, US gov, etc). Once you realize what’s going on it’ll be too late. That question is like asking, “Why should I run malware scans on my computer if I haven’t noticed anything fishy going on yet?” When you notice, it’s too late, they already got all of your passwords. This is the sort of thing where being proactive yields far better results than being reactive.
The next step is understanding how to identify these models in your brain. This is the trickiest part because the way you perceive the world is built upon the models in your brain. Models are like glasses that you wear but that you can’t take off. They are responsible for filtering out unimportant information and transforming it into something meaningful. This “something meaningful” is your perception of the world.
Bolded steps are filtering / transformation steps.
Raw stimuli => glasses => eyes => optic nerve => visual cortex => vision (what you see) => … => physical action(s)
Information => models => perception (your conceptual map of the world) => decisions
If you change the filtering / transformation steps in the visual chain, you directly affect what the person sees. Similarly, if you change the models that someone uses to navigate the world, you will change their perception of what is going on, and by extension, what decisions they make. Malware models are ones that influence the host’s perception in a way that makes them decide to dedicate time and energy to something that isn’t in their best interests.
Don’t Mistake Data for Priors (Preventative)
The assumptions that a model is based upon are called its priors. The term “prior” is a mathematical term and is used frequently when discussing Bayesian Statistic and Machine Learning problems. The term “prior” is named as such probably because the priors of a model, i.e. its assumptions, as established prior to the processing of any data.
Priors in a human model are akin to the instructions in a computer program. They tell the computer how to process the data it receives as input. Because of this, priors are a crucial leverage point when determining what a computer does or how a person reacts. For a person, their priors constitute the framework around which the world is perceived, or the lens through which the world is seen. Changing how someone behaves is very easy if you can change how they see the world. In the same way, changing what a computer does is very easy if you can the instructions it executes.
The reason why laptops are so useful and also why they are vulnerable to malware is because they can interpret data as instructions. The human analog to this is interpreting data as priors, or using the raw data as a basis for how you see the world.
Imagine you’re at a used car dealership and one of the salespeople tells you that he’s trustworthy and that he has your best interests in mind. What he said is the data, and if this is your first time buying a car, you might take treat this data as a prior, which means you will take what he said to heart and assume that he is trustworthy and has your best interests in mind. But, if you’ve had any experience with car salespeople in the past, you wouldn’t fall for that because you have a model of car salespeople in your head and whatever the salesperson says gets run through the model instead of being taken as gospel. (In this case, the model will most likely tell you that he’s full of shit and wants to hit quota.)
Ideally, you would treat all data as input and not as instructions, just like the four-function calculator. This would make you immune to malware. But this isn’t a realistic because humans need to learn in order to survive, and in order to learn, you have to start with a set of assumptions about whatever you’re learning about. So a) be very careful about what assumptions you adopt and b) make sure not to mistake data for priors, as in the car salesman example. But this is not nearly enough. It’s like telling people with computers the key to not getting malware is to not download malware in the first place. Sure, perhaps, but no filtering criteria is perfect and you’re eventually going to click on a bad link. Let’s not forget that you’ve been downloading programs from the TV, the News, your family, school, your friends, whatever, whoever, for the past however many decades without any sort of protective filters in place.
Information Hygiene (Preventative)
The second component of a model is the data it’s trained on. If you have good assumptions, you’re halfway there, but you also need to make sure the data your assumptions are interpreting aren’t tainted in any way. You can easily influence the conclusions of a model by manipulating the data it trains on. If a kid grows up in a single parent household and everyone around them also lives in single parent households, they are going to think that this is normal and probably the only feasible way to raise children. If they grew up in the suburbs surrounded by two-family households, they’d have the view that two parents is the way to go.
To put it simply, assumptions + data = perception. Start with bad assumptions, come to bad conclusions. Consume bad data, come to bad conclusions. “Bad” in this case really means inaccurate, misrepresentative or unrealistic.
Being careful about what priors you adopt, not confusing data and priors and practicing good information hygiene are preventative measures that will help you avoid malware going forward. But preventative measures aren’t perfect and you’ve already got a boatload of malware up in your hard drive. The next question is, how do you get rid of malware?
One way to detect malware is to look at how you are spending your time and energy and whether those resources are furthering your interests. After all, redirection of resources away from your interests is the signature effect of malware.
To identify and characterize your mental models, you need to use triangulation. Triangulation (in the geometric sense) is the process of figuring out the location of an object by using measurements from two different observers. In this context of this post, triangulation is the process of determining the subjective parts of your perception by using observations from two different people. What you perceive is a combination of an outside stimulus coupled with your mental models. The outside stimulus is the objective component of your perception and your mental models make up the subjective component. The tricky part here is taking what you perceive and untangling the subjective and objective components. Let’s say that you and I are both looking at an object on the ground. I tell you that the object is fuzzy, grey, and oblong; you tell me that it’s grey and oblong but with distinct borders. The fuzziness or distinctness of the object here is clearly subjective (it varies from subject to subject). The fuzziness on my end might be attributable to my poor vision or watery eyes, and the distinctness on your end to your excellent eyesight. We cannot say with certainty, though, that greyness and oblongness of the object is an objective attribute of the thing on the ground because we might both share the same subjective processes that make the object appear grey and oblong to both of us. We can never say for sure what the objective properties of the object are, but we can increase our confidence that the object is objectively grey and oblong by comparing our observations with more people’s observations and verifying that greyness and oblongness shows up in all of them. The objective source is inaccessible to us, but that’s ok, because we don’t need it.
Once you separate out the subjective from the possibly-objective, you know what part of your observation can be completely attributed to your mental models (the subjective parts). If you do this enough, you will start to understand what sort of mental models are in your head and how they are affecting your perception. With this information, you can move onto the next step: removing malware.
As far as I can tell, there are two ways to do this.
The first method requires you to seek out information that does not fit with the model in question. This method is basically seeking out information that contradicts or invalidates the assumptions that the model is based upon. If you do this right, this new information will trigger such strong cognitive dissonance that you will start questioning all the assumptions of the model and decide to toss it out. Obviously this is a painful process and it’ll feel like you’re in a metaphysical tailspin, but that’s to be expected when you’ve forcefully removed a model from your brain. This removal will leave a vacuum that will long to be filled. If you can, resist the urge to find another model to replace the one you just destroyed. You will be panicking and are vulnerable to adopting the first model you come across without carefully vetting it. Take your time when finding a set of assumptions to replace your newly-excised model.
This process happens to people whenever they experience an event in their life that makes them question everything. They come out the other side as a “new person”. You know the sort of events I’m talking about — cheating, divorces, breakups, death, that sort of thing. The process I listed above is the proactive version of this.
The second method is a generalized version of TLP’s “Fake it till you make it” method. The idea behind “Fake it until you make it” is acting in a way that is congruent with the model you are trying to adopt and in direct conflict with the model you’re trying to destroy. This method simultaneously destroys a model and replaces it with another one, so you’ll need to know what you want to replace the malware with. “Fake it till you make it” also uses cognitive dissonance to destroy models, but it does so through actions, not information.
Information => Model => Update (optional) => Action => [Information]
The first method works by changing the information you’re feeling into the model. This method works by changing the actions you take. The reason this works (I’m guessing) is that your brain demands congruence between the information you take in, the model you use to process the information, and the action(s) you take as a result. A lack of congruence signals that your model is not well-adapted to the world you’re in or that you’re not taking the correct actions based on the interpretations given by the model. The update step adjusts the model, when necessary, in order to minimize cognitive dissonance (or maximize congruency). When the mismatch is too serious, the update step will often resort to throwing out the old model entirely. If the person isn’t in a state where they can do that, the update step will repress (temporarily forget) the troublesome information for unconscious processing later.
Acting in a way that does not fit with your existing model will create cognitive dissonance. It will feel entirely unnatural to do this since you have to consciously force yourself to act in a way that contradicts how you see the world. The cognitive dissonance will keep growing the more you do this. Eventually, you’ll start the tailspin, and the rest is really handled for you. All you need to do is trigger the process and endure the feelings that come along with it.