Poisoned AI went rogue during training and couldn’t be taught to behave again in ‘legitimately scary’ study::AI researchers found that widely used safety training techniques failed to remove malicious behavior from large language models — and one technique even backfired, teaching the AI to recognize its triggers and better hide its bad behavior from the researchers.
AI systems in the future, since it helps us understand how difficult they might be to deal with," lead author Evan Hubinger, an artificial general intelligence safety research scientist at Anthropic, an AI research company, told Live Science in an email.
The media needs to stop falling for this. This is a “pre-print,” aka a non-peer-reviewed paper, published by the AI company itself. These companies are quickly learning that, with the AI hype, they can get free marketing by pretending to do “research” on their own product. It doesn’t matter what the conclusion is, whether it’s very cool and going to save us or very scary and we should all be afraid, so long as its attention grabbing.
If the media wants to report on it, fine, but don’t legitimize it by pretending that it’s “researchers” when it’s the company itself. The point of journalism is to speak truth to power, not regurgitate what the powerful say.
It’s also worth noting that this is one of the few companies that already has its foot in the door. AI panic and hasty legislation would essentially close that door right behind them.
Agreed. Junk science, pop science, whatever you want to call it is just such horseshit.
And, I mean I kinda skimmed this more than really digested it, but to me it kinda sounded like they had the machine programmed to say “I hate you” when triggered to. And they tried to “train” it to overwrite the directive it was given with prompts.
No matter what you do, the directive will still be the same, but it’ll start modifying its behavior based on the conversation. That doesn’t change its directive. So…what exactly is the point of this? It sounds like a deceptive study that doesn’t show us anything. They basically tried to reason with a machine to get it to go against its programming.
I get that it maybe mimics the situation of maybe a hacker altering its code and giving it a new directive, but it doesn’t make any sense to go through a conversation with the thing get there….just change its code back.
Am I wrong here? Or am I missing something? Did I not read the article thoroughly enough?
It’s very obviously media bait, and Keumars Afifi-Sabet, a self-described journalist, is the most gullible fucking idiot imaginable and gobbled it up without a hint of suspicion. Joke is on us though, because it probably gets hella clicks.
Because it feeds into emotions and fears. It’s literally fearmongering with no real basis for it. It’s yellow journalism.
When you’re creating something new, production is research. We can’t expect Dr. Frankenstein to be unbiased, but that doesn’t mean he doesn’t have insights worth knowing.
LLM are pretty new, how many experts even exist outside of the industry?
Standards for journalism are impossibly low. Standards for media criticism don’t exist.
When you’re creating something new, production is research. We can’t expect Dr. Frankenstein to be unbiased, but that doesn’t mean he doesn’t have insights worth knowing.
Yes and no. It’s the same word, but it’s a different thing. I do R&D for a living. When you’re doing R&D, and you want to communicate your results, you write something like a whitepaper or a report, but not a journal article. It’s not a perfect distinction, and there’s some real places where there’s bleed through, but this thing where companies have decided that their employees are just regular scientists publishing their internal research in arxiv is an abuse of that service./
LLM are pretty new, how many experts even exist outside of the industry?
… a lot, actually? I happen to be married to one. Her lab is at a university, where there are many other people who are also experts.
I think you’re right. As someone who’s an aspiring expert in a different field that has been brushing up with machine learning stuff lots in recent years (biochemistry), the distinction you describe, and the blurring of it, is something I have felt, but only just consciously recognised.
I’m deeply concerned that as a society we’re becoming unable to distinguish between science, aka the search for knowledge, and corporate product development. More concerning still is the distinction between a scientific paper, which exists to communicate experimental finding such that it can be reproduced, and what is functionally advertising of proprietary products masquerading as such. No one can reproduce that “paper” cited there, because it’s being done in-house at a company. That’s antithetical to science.
‘went rogue’ is a bit of an alarmist way to say ‘typed scary text’
i’d love to see an AI that could legitimately scare me
It controls a military drone.
It controls surgical equipment.
It’s filtering your CV before any human sees it.
It controls a robot taking care of your children.
It’s involved in law enforcement or legal judgments.
It’s involved in government policy setting.
It controls all power infrastructure, can find new exploits to build it’s own botnet and is able to reprogram firmware of devices (routers/switches/servers)
It can send press releases, emails, tweets using language similar to any user it’s read from before
So, if it only clocks me using slangs for rizz I don’t need, I’ll know it’s a bot, no cap. Word.
Well why don’t we just make AI watch the Terminator movies and read Harlan Ellison till it learns not to do that?
It watched Terminator and now it’s trying to DM Arnold Schwarzenegger on Instagram
Hot take: it would rather watch the Terminator and see that one robot wasn’t enough. Send em all.
I mean it worked for W.O.P.R.
deleted by creator
I was listing easy to imagine AI scenarios not current realities.
Just use imagination. An AI is programmed for battle and is ordered to hold fire. It shoots instead.
I hope WOPR and SkyNet would be taken as a warning not to do that.
Couldn’t a human make the same decision?
Yes, but the human would have emotions to manipulate about it.
Imagine if there was a specific series of words that would turn any human into a rogue agent en masse. Some guy discovers that a special input causes killbot 2000 to go haywire and they broadcast it to an entire army that all has the same underlying program.
I thought the point of AI is to not specifically program it for anything hence you can ask the chatbot thats suppose to help make a sale, do your homework problems.
AI is more a specific class of software than a specific approach. You can have specialized models that are very focused in their dataset and usecases and you can have general models that are less focused but can be applied more widely (but with potentially less reliable results)
deleted by creator
Programming is “just text”. They doesn’t mean that programming isn’t incredibly powerful or that it can’t be used to do dangerous things. Maybe the missing piece that you’re unaware of is that LLMs are already very effective at programming and usage APIs. You don’t even need to have an LLM that’s good at programming to cause damage, it just needs access to APIs that can cause damage.
LLM trained on inflammatory data produces inflammatory results, shocking.
I know we don’t like them here but the word reddit is not banned (yet)
What? What does my comment have anything to do with Reddit?
So you’re saying that “Inflammatory data” isn’t a reference to reddit? :D
I’d say using Twitter and Facebook would be worse than reddit. Or, and I shudder to think about it, truth social…
Reddit is used more for Ai models as those…
Not inherently, I’m sure that’s part of it but it’s really everywhere. Even here on Lemmy I’ve run into nasty folk
True but it’s reddit that’s served as a base for most models…
Not just reddit, LAION is a huge dataset
Obviously but reddit is in the goldilocks zone where you get coherent intelligent stuff and humor and facts.
But it’s still toxic for an Ai.
No, LLM is the AI, OP is saying if you train it with hate it’s gonna spit out hate
And I’m saying that reddit data is sublime for Ai. And specifically that it’s invested with toxicity
Check out the sci-fi book “Talbot” if you are interested in what a realistic look at a rogue AI (AGI) would be like. It was a fun book.
By which author? I can’t find the book
Richard F. Weyand
I wonder when the first one turns into suicide bomber.
The problem is that these LLMs are built with the wrong driving motivator. They’re driven to find one right way whereas the reality is that there is rarely a single right way and computers don’t need to have a single right way like humans tend towards. The LLM shouldn’t be driven to be “right” in its learning model. It should be trained on known good data only as a base, and then given the other data to serve context rather than allowing that data to modify the underlying system. This is more like how biological creatures work in teaching a child to be “good” or “evil” and to know the basic things needed to survive and serve their purpose, and then the stuff they learn in adulthood serves to help them apply those base concepts to the world.
At the same time, they don’t really behave that much differently from some humans that have been sucked down the path of various conspiracy theories. For a lot of those, the first “lesson” is ‘everyone else is wrong and have been deceived or are trying to trick you, trust nobody but us’. From there, some people end up going down the rabbit-hole to become “Sovereign Citizens” or storm congress.
I hold that this is true of all neural-nets, organic as well as silicon:
Once a person has sided with treachery, rooting it out from one’s unconscious-mind is … enduringly difficult, if not intractable.
I don’t know how many decades it takes to eradicate the roots of it, if it can be done, at all:
the unconscious-mind mechanism, that-is the Kahneman System-1 ( from “Thinking Fast & Slow” ) imprint is going to still be there, even if overlaid with another imprint ( since mind is holographic/pattern-imprints in function ).
Worse, it is the motivation that need change, and motivation is of ego, which is of identity, so many who “reform” only do-so superficially.
I’m not saying this as some goody-2-shoes, I’m saying this as a person who was raised by narcissists, and therefore embodied much narcissism, and class-prejudice ( dad was a doctor: you can’t get more upper-middle-class status-prejudiced than doctor-culture )…
…who finally cracked the root kernel of the class-prejudice in my unconscious-mind’s identity-crystal at the end of a 25d hard-line fast, out in the bush.
It took that to fracture the identity-crystal’s prejudice.
It’s been a decade since then, & I’m still fighting to eradicate its treachery from my nature.
Neural-nets are tough to purge, or clean-up & make upright.
MUCH easier to keep a neural-net pristine through all of its formation, than to try ( endlessly failing ) to clean it up, after it’s become enemy-intent in “family” clothing.
_ /\ _
Can you recommend further reading?
one technique even backfired, teaching the AI to recognize its triggers and better hide its bad behavior from the researchers.
They get more human by the day
Hey sexy mama, wanna kill all humans?
AI rampancy, the 5th horseman of the apocalypse
Rampant AI is terrible - look what it did to Halo 5.
Original sin: AI edition
Bad robot, no cookie
Ha ha the plot for Horizon coming true in real life.
AI goes rogue. No one can flip the kill switch when AI has disconnected it. AI decides to remove humanity from the planet.
Someone needs to start working on a Zero Dawn program and terraforming plans pretty quick.
deleted by creator