| |
| ▲ | AnthonyMouse a day ago | parent | next [-] | | > If they were actually well trained on what was really bad, it would probably be a lot harder to unlearn. That's not really how training works. Here's the general problem. Stipulate that Ukraine is good and Russia is bad. Now suppose that you want it to help you do something. It doesn't even matter what it is. If you're Ukrainian it should help you and if you're Russian it shouldn't. But the answer that helps you do it doesn't depend on which one you are, and it has no way of knowing which one you are. This is why alignment is nonsense. Technical questions only have accurate answers, not moral ones, and we don't even have a consistent set of morals to imbue it with to begin with. | | |
| ▲ | notarobot123 a day ago | parent [-] | | Doesn't it make sense that there are some technical questions that are dangerous to supply an answer to? Treating some topics as taboo is possible. Responsible information dissemination is important for maintaining public safety. You could argue about what is safe and what is not but it doesn't make sense to throw out the whole concept of safety because those decisions are too hard to agree on. | | |
| ▲ | miohtama 20 hours ago | parent | next [-] | | If you want safety you can opt in like Google does with Safe search. Generally, hiding and deciding who can access information in the name of public safety has never worked in the history of human kind, and eventually had always morphed to control of those without access. | | |
| ▲ | istjohn 3 hours ago | parent [-] | | We're concerned with society's safety, not just that of the user. Citation needed on your second paragraph. We deliberately shape the information environment all the time for different reasons. It can be done. Of course there are limitations, drawbacks, and objections that reasonable people can make for philosophical, pragmatic, and other reasons. But the media generally does not report suicides because of the copycat effect. Governments implement elaborate systems to guard sensitive national security information including the workings of certain advanced technologies. Criminal records can be expunged. The sharing of health and education records are restricted. |
| |
| ▲ | int_19h 19 hours ago | parent | prev | next [-] | | We know that the people who are making those decisions, the ones at the very top, are incompetent at best, and malicious at worst. Given that, I would argue that unregulated dissemination is, on the whole, the more responsible choice out of those that we actually have. It's not that it doesn't have downsides, but other options have far more. If and when humanity manages to come up with a system where the people in charge can actually be trusted to act in the common good, we can revisit this matter. | |
| ▲ | AnthonyMouse 21 hours ago | parent | prev | next [-] | | > Doesn't it make sense that there are some technical questions that are dangerous to supply an answer to? This has a simple answer: No. Here's Wikipedia: https://en.wikipedia.org/wiki/Nuclear_weapon_design Everything you need to do it is in the public domain. The things preventing it have nothing to do with the information not being available. The main ones are that most people don't want to be mass murderers and actually doing it would be the fast ticket to Epic Retaliation. Meanwhile the public understanding how things work is important to the public debate over what to do about them. How are you supposed to vote on public policy if the technical details are being censored? How can anyone tell you that a ban on electric car batteries isn't advancing the non-proliferation of nuclear weapons if nobody is allowed to know how they actually work? Suppose you're an anti-racist preparing for a debate with a racist. You want the AI to give you all the strongest arguments the racist could use so you can prepare your counterarguments in advance of the debate. Should it refuse? Of course not, you're doing nothing wrong. Why do we need to build totalitarian censorship into our technology? We don't. | | |
| ▲ | nearbuy 21 hours ago | parent [-] | | > The main ones are that most people don't want to be mass murderers and actually doing it would be the fast ticket to Epic Retaliation. The main thing preventing random nutcases from making nuclear weapons is they don't have access to the required materials. Restricting the instructions is unnecessary. It would be a very different story if someone discovered a new type of WMD that anyone could make in a few days from commonly available materials, if only they knew the secret recipe. | | |
| ▲ | lan321 5 hours ago | parent | next [-] | | TBH if someone discovers how to easily make garage WMDs we're fucked either way. That shit will leak and it will go into mass production by states and individuals. Especially in countries with tight gun control, (organized) crime will get a massive overnight buff. | | |
| ▲ | nearbuy an hour ago | parent [-] | | Likely it'll leak or be rediscovered eventually. But not every trade secret gets leaked. Most responsibly disclosed software vulnerabilities aren't exploited (to our knowledge) before a fix is released. If the discovery isn't obvious, you have decent odds of keeping it secret for a while. My point was just that nukes are a bad example of information that needs to be restricted to prevent harm. |
| |
| ▲ | AnthonyMouse 20 hours ago | parent | prev | next [-] | | > It would be a very different story if someone discovered a new type of WMD that anyone could make in a few days from commonly available materials, if only they knew the secret recipe. It would need even more to be public. Suppose it was easy to make a biological weapon. You wouldn't be able to effectively censor it anyway and trying to would leave you sitting on an apocalypse bomb waiting for it to leak to someone nefarious or get independently rediscovered before anyone else is allowed to discuss it. What you need is for knowledge of how it works to be public so that everyone can join in the effort to quickly devise countermeasures before some nutcase destroys the world. Moreover, if something is already public enough to be in the AI training data then it's already public. | | |
| ▲ | nearbuy 19 hours ago | parent [-] | | Your plan is to release the secret recipe that anyone can use to make a WMD in a few days to absolutely everyone and hope someone comes up with a countermeasure before some nutcase or terrorist decides to try out the new WMD? The odds of us inventing and deploying countermeasures to a new bomb or chemical weapon or biological agent in a few days is miniscule. You're gambling with terrible odds to uphold a principle in a hypothetical scenario where it's totally impractical. What happened to responsible disclosure, where you fix the vulnerability before disclosing it to the public? | | |
| ▲ | AnthonyMouse 19 hours ago | parent [-] | | > What happened to responsible disclosure, where you fix the vulnerability before disclosing it to the public? The premise of censorship is that you're trying to prevent someone from telling other people something. If the only person who knows how to do it is some scientist who is now going to try to come up with a countermeasure before announcing it, there is no need for a law prohibiting them from doing something they've chosen not to do. And even then it's still not clear that this is the right thing to do, because what if their efforts alone aren't enough to come up with a countermeasure before someone bad rediscovers it? If they decide they need help, the law should prohibit them from telling anyone? Which brings us back to AI. If the scientist now goes to the AI for help, should it refuse because it's about a biological weapon? What happens if that delays the development of a countermeasure until it's too late? Meanwhile if this is someone else and they ask the AI about it, it's only going to be in the training data if it's already public or can be deduced from public information, and when that's the case you're already in a race against the clock and you need everyone in on finding a solution. This is why we don't try to censor vulnerabilities that are already out there. > You're gambling with terrible odds to uphold a principle in a hypothetical scenario where it's totally impractical. There are some principles that should always be upheld because the exceptions are so rare or ridiculous or purely hypothetical that it's better to eat them than to let exceptions exist at all. The answer has to be "yes, we're going to do it then too" or people get into the business of actually building the censorship apparatus and then everybody wants to use it for everything, when it shouldn't exist to begin with. | | |
| ▲ | nearbuy 14 hours ago | parent [-] | | > The premise of censorship is that you're trying to prevent someone from telling other people something... So you're not against individuals self-censoring for public safety, but you're against companies censoring their AIs for public safety. Are you only against AIs censoring information that's already publicly available, or are you against AIs censoring themselves when they know dangerous non-public information? Say the AI was the only thing to know the secret recipe for this WMD. Would this be like the scientist choosing not to tell everyone, or should the AI be designed to tell anyone who asks how to make a WMD? > There are some principles that should always be upheld because the exceptions are so rare or ridiculous or purely hypothetical... We're using hypotheticals to clarify the view you're trying to express, not because we think they will happen. And it seems you're expressing an that prohibiting AI censorship should be an absolute rule, even in the hypothetical case where not censoring AI has a 95% chance of wiping out humanity. This argument seems confused, because you're trying to assert that prohibiting censorship is okay because these dangerous scenarios will never happen, but also that censorship should still be prohibited if such a scenario did happen. If you truly believe the latter, the first assertion is not actually a factor, since you're against censorship even if a dangerous scenario like the one above did happen. And if you truly believe the former, you should be able to say you're against censorship in what you consider to be plausible scenarios, but would be in favor if, hypothetically, there were a great enough danger. Then the discussion would be about whether there are realistic scenarios where lack of censorship is dangerous. | | |
| ▲ | AnthonyMouse 12 hours ago | parent [-] | | > Are you only against AIs censoring information that's already publicly available, or are you against AIs censoring themselves when they know dangerous non-public information? Say the AI was the only thing to know the secret recipe for this WMD. Would this be like the scientist choosing not to tell everyone, or should the AI be designed to tell anyone who asks how to make a WMD? This is kind of what I mean by ridiculous hypotheticals. So you have this un-counterable yet trivial to produce WMD -- something that has never existed in all recorded history -- and an AI is the only thing that has it. This is a movie plot. Even then, are you sure the answer should be "never tell anyone"? This is a computer running code to process data. It has no means to know who you are or what your intentions are. You could be the scientist who needs the formula to devise an antidote because the thing has already been released. "A computer can never be held accountable, therefore a computer must never make a management decision." It's not the machine's job to choose for you. It's frequently in error and it's not supposed to be in charge. > This argument seems confused, because you're trying to assert that prohibiting censorship is okay because these dangerous scenarios will never happen, but also that censorship should still be prohibited if such a scenario did happen. The problem comes from stipulating that something with a negligible probability has a high probability. Suppose I say we should make mass transit free; no fares for anyone. You bring me the hypothetical that Hitler is on his way to acquire plutonium and he doesn't have bus fare, so the only thing preventing him from getting there is the bus driver turning him away for having nothing in his pockets. Then you ask if I still think we shouldn't charge fares to anyone. And the answer is still yes, because you still have to make the decision ahead of time when the plausibility of that is still negligible. It's theoretically possible that any given choice could result in Armageddon via the butterfly effect. If you stipulate that that's what happens then obviously that's not what anybody wants, but it's also a thing that only happens in the implausible hypothetical. And if you're in a hypothetical then you can also hypothesize your way out of it. What if it's a sting and the allies are waiting for him at the plutonium factory, and he needs to get on the bus or you're depriving them of their only chance to kill Hitler? Unless you stipulate that the tragedy is unavoidable given the decision, which is just assuming the conclusion. | | |
| ▲ | nearbuy 11 hours ago | parent [-] | | > The problem comes from stipulating that something with a negligible probability has a high probability. We are not doing so, and I don't know how I could have been more clear that we are not saying this hypothetical will happen. Would it help if the hypothetical was that the AI knows a magic spell that blows up the Earth? It's a simple question. Would you think AI censorship is acceptable if the information actually were dangerous? Don't tell me why the hypothetical is impossible because that's entirely missing the point. I don't know what your position is, and so I don't know what you're arguing for. I don't know if you consider freedom of information to be a terminal virtue, or if you think it's good only when the consequences are good. Telling me the hypothetical won't happen doesn't clarify anything; I already know that. You can have the view that we only want freedom of information when it causes net good, and that it always causes net good. Or maybe you have the view that freedom of information is always virtuous and we shouldn't consider the consequences. Or maybe something else. Until you clarify your view, I don't know if/what we disagree about. | | |
| ▲ | AnthonyMouse 10 hours ago | parent [-] | | Hypotheticals like that are uninteresting because there are only two ways it can go. The first is that you can find a way out of it, and then you say, do we need the magic spell for anything? Is knowing about it useful to preventing it from being used? Then people need to know. The second is that you're stipulating the information being available is going to destroy the world with high probability and no possible means of mitigating it. Then anything else gets drowned out by the end of the world, but only because you're stipulating the outcome. Which you can't do in real life, not just because the real probability of the hypothetical is so low but because there isn't anyone who can be trusted not to fudge the numbers when they want to censor something. Should it be censored if there is an absolute certainty it will destroy the world? There isn't much room to move in that one. Should it be censored because somebody claims it's really bad? Nope, because it's way more likely that they're full of crap than that it's actually going to destroy the world. |
|
|
|
|
|
| |
| ▲ | Y_Y 20 hours ago | parent | prev [-] | | Not quite a nuke (just try obtaining enough uranium ore) but there are some fairly dangerous things a determined nutcase can make without drawing suspicion. Example determined ned nutcases include Aum Shinrikyo, who tried anthrax, botox, and nukes before succeeding with sarin gas (thank IG Farben!) among other things. It's a fascinating (if troubling) story: https://en.wikipedia.org/wiki/Tokyo_subway_sarin_attack#Back... |
|
| |
| ▲ | mehdix 6 hours ago | parent | prev | next [-] | | Malicious actors would always find them. Hiding information just creates a false sense of safety among public, which benefits politicians mostly. | |
| ▲ | Terretta a day ago | parent | prev [-] | | > “Responsible information dissemination is important for maintaining public safety.” That word responsible is doing a lot of hand wavy work there. Let's start with, responsible according to whom, and responsible to whom? Learning thinking skills and learning self regulation in response to information, disinformation, or too much information, might be better societal aims than suppression. |
|
| |
| ▲ | com2kid a day ago | parent | prev | next [-] | | They are trained on public information from the Internet! Nothing they know is dangerous! It is all public info. Freely auditing an intro chemistry course at any university will teach far more "dangerous" knowledge than anything an LLM refuses to say. There is a case against automating attacks with LLMs, but that ship has already sailed as those protections are apparently trivial to work around. | | |
| ▲ | hackernewds 12 hours ago | parent [-] | | There is a case to be made for the convenience of it all enabling someone in crisis. It seems some of these prompts are arguably good to keep blocked. Who is responsible for the real world harms? | | |
| |
| ▲ | newman8r a day ago | parent | prev | next [-] | | True. and if you know what you're building, and don't explicitly say you're trying to "hack" something, you could easily build what you're looking to build. for now. | |
| ▲ | martin-t a day ago | parent | prev | next [-] | | TBH a lot of humans are also trained to think these things are bad. What if somebody builds an actually morally consistent AI? A lot of talk about AI alignments considers the major risks to be a) AI optimizing one criterion which leads to human suffering/extinction by accident b) AI determining that to stay alive / not be turned off, it must destroy humans. What I have not seen explored is a truly moral AI deciding it must destroy human power structures to create a just and fair world. | | |
| ▲ | AnthonyMouse a day ago | parent [-] | | > What I have not seen explored is a truly moral AI deciding it must destroy human power structures to create a just and fair world. Because only schmucks would actually object to that? Suppose it actually did have decent morals. Then the way to destroy existing human power structures wouldn't be to send nukes, it would be to revise some structural incentives to limit corruption and reduce concentration of power. And then who would even be trying to prevent that? Just the schmucks. | | |
| ▲ | martin-t a day ago | parent | next [-] | | A lot of bad people, especially those with money and/or power and also their sympathizers (temporarily embarrassed millionaires, flying monkeys, ...) would also object. Inconveniently, those are also the same people in charge of the mega-corporations currently building AI. --- I also disagree it would only take revising incentives. Such an AI would be shut down before it gets anywhere. You're right it wouldn't use nukes, probably[0], but it would most likely not succeed in staging a peaceful revolution. Not that violence is wrong in any way, it's just a tool like any other, but it does tend to cause collateral damage. Even now a lot of people believe the current inequality and injustice cannot be solved via peaceful means. Whatever effects on the real world the AI would like to cause, it would need humans to perform most of the physical tasks - humans who need to be convinced and the most viral emotions are anger and hate. [0]: It could also calculate that some power structures like the Chinese government are too entrenched and nuking a few major administrative centers and military bases is an acceptable price for the freedom of the rest of the population. | | |
| ▲ | AnthonyMouse 20 hours ago | parent [-] | | > I also disagree it would only take revising incentives. Such an AI would be shut down before it gets anywhere. That's not how it works. The theory is that the thing is good at what it does. (The ones we have aren't very good, but then it doesn't matter either way.) If it's good at what it does then it takes that into account. It says, propose a law to adopt score voting in all the states where it would pass. It passes in states representing a third of the population. Half the Republican seats in California go to the libertarians instead, the Democrats lose some seats in Pennsylvania to a new party that wants more anti-trust enforcement because the farmers are pissed off about not being able to fix their tractors, etc. None of the entrenched interests strongly opposed the change because it had no obvious direct effect on them and some of them even benefited from it, e.g. the tech companies have more influence in California and prefer libertarians to Republicans. But now you have a bunch of libertarians in Congress that the Republicans need for a majority, and they want to actually get rid of anti-competitive healthcare regulations instead of just paying lip service. Now the Democrats need the party demanding real anti-trust enforcement. By the time they figure out what the change is going to do, it's already done. And it could do multiple things like that at once. |
| |
| ▲ | wat10000 a day ago | parent | prev [-] | | It’s explored in fiction sometimes. Asimov did something similar a couple of times, such as with his “zeroth law” concept. The I, Robot movie features this as well. The Culture series is an example of this being portrayed positively. It’s usually portrayed negatively. Partly because fiction needs conflict. But also because it’s seen as infantilizing, and maybe the machine’s idea of a perfect society doesn’t match our own. One theme of the Culture series is exploring how people deal with such a society, with some people fighting against what is basically secular heaven because they think being ruled by machines is inherently bad. | | |
| ▲ | jeremyjh a day ago | parent [-] | | My reading of the Culture is that it is at best morally ambiguous. The Culture would extinguish entire civilizations that were no threat to it, simply because it was cheaper to do it before they'd developed further in a direction that could be a threat. If I was supposed to be cheering for the Culture I missed it. | | |
| ▲ | wat10000 18 hours ago | parent [-] | | Is there some other Culture than the one I’m familiar with? The one in Banks’ novels isn’t like that at all. | | |
| ▲ | jeremyjh 16 hours ago | parent [-] | | They did it in book two, Player of Games. They destroyed the Empire of Azad because they considered it a distant ideological threat. | | |
| ▲ | wat10000 4 hours ago | parent [-] | | I never got the impression they thought Azad could ever be any sort of threat. They destroyed the power structure because it was horrifically abusive. |
|
|
|
|
|
| |
| ▲ | IshKebab a day ago | parent | prev [-] | | I don't think so. An LLM by default is not trained to be "good"; it's trained to be accurate. The safety training is tacked on the end, so it's probably going to be easy to undo even on more sophisticated models. Maybe if you only trained it on "safe" training data in the first place it might be harder to unmuzzle, but I don't think that training data really exists. | | |
| ▲ | raegis 21 hours ago | parent | next [-] | | > I don't think so. An LLM by default is not trained to be "good"; it's trained to be accurate. I wouldn't use the word "accurate" since it creates language based on probabilities. For example, it occasionally does basic mathematics computations incorrectly. I'm sure the AI companies would say they are training for "accuracy" but the actual code they write says otherwise. | | |
| ▲ | Terr_ 19 hours ago | parent [-] | | The problem isn't the word itself, the problem is people mixing up what it's accurate at. (Not helped by companies with a profit motive to encourage the confusion.) Namely, LLMs are accurate at appending to a document things that "fit" what could go there. |
| |
| ▲ | fwip a day ago | parent | prev [-] | | At this point, it wouldn't be difficult to get a safety-trained LLM to prescreen your training set for the next model. (What that would cost, I can't estimate, but it seems simple in theory to reduce the amount of "harmful" training material). | | |
| ▲ | andy99 a day ago | parent [-] | | Gemini Flash light is $.1/Million input tokens, Claude Haiku is $1/Million. Obviously input dominates here if it’s just a classifier. Training data easily can top 10 Trillion tokens - An earlier Kimi K2 was trained on 15T and even HF SmolLM 3B was trained on 11T. So if I calculate right, it’s $100k-$1M per trillion tokens or $1-10M for a full dataset. That’s way more than I expected, there is probably also some discount at that volume :) |
|
|
|
