...but will pregnant Elsa find the correct integer sequence to recover her favorite rectangle from evil Spongebob?

The APPS problems are less nonsensical than actual specifications I've been asked to implement. It makes total sense to me that a programming AI will be tested on how it handles a badly-written spec.

I need more of Robert reacting to the ridiculous setups for the coding problems.

6:20 this is referring to 重し蟹 / Heavy Stone Crab, a mythical monster from the anime Bakemonogatari that possesses humans and steals their weight. Senjougahara Hitagi is one of the lead characters and she's possessed by the crab. Deishuu Kaiki is a conman that bilked Hitagi's parents out of all their money, claiming to be able to save her from the curse.

This is the most optimistic AI safety news I've seen in months!

I feel like, as a casual and professional user of these systems, but not someone well-versed in the minutiae of how these companies are building them, that they spend 99% of their 'safety' efforts on "make sure the AI doesn't draw a dick" and "make sure the AI doesn't draw a bomb" and only 1% on "make sure the AI doesn't actually do something unsafe."

19:00 The red team could also make the inocent code look more suspisous to fill up the 2% with innocent solutions

Monogatari reference in my Robert Miles AI safety video wasn't on my 2024 Bingo!

Always a good day when Rob uploads a main channel video! The rational animations channel is great, but OG Rob is what I really look forward to.

For anyone wondering: The Last Method is to use the trusted AI while the untrusted AI generates its stuff and basically generating part of the stuff and vetoing suspicious stuff. Honestly stupid leaving this out of the video. Hope this saved someones time 🤦‍♂

"Don't go into the ocean" is surprising rational statement for someone doing AI safety research, and it reflects the issue well, going to the ocean has a very low chance of ending in getting attacked by a shark but have provided humanity is a massive amount of benefits, but at the same time people have been attacked by sharks, so the risk is there. Personally I'm more afraid of bad actors using AI to do harm, but I don't think there is a good way to prevent that, similar to how it's easier to deter potential adversaries by arming yourself than it is to disarm everyone else. And once again the video does cover that well. Great job!

I read one of the papers in this general thread yesterday! How wonderful to have you back!

There's one problem with even the best protocols: the humans building the AI have to be trustworthy enough to employ them. And right now I'm not sure that can be said of us. Many of us? Yes. Most? Maybe. All? No. Those on top of corporate entities? Absolutely not.

6:12 I was not expecting the Bakemonogatari reference! For those that don't know, this is a popular anime series focusing around supernatural goings-on in a modern-day setting, often leveraging wordplay and folklore. The described events (a magic crab stealing Hitagi's weight) is a major plot point in the series.

Backdoor solver sounds like trying to solve the halting problem

Ages ago I chatted to an LLM about these issues. One thing it said that despite rules, fences, security etc there will ALWAYS be humans who can be tricked, persuaded or bribed to do physical things for an AI.

The main advantage we currently have is that these AI models cannot retain information from previous inference runs, which prevents them from performing the calculations needed to create backdoors in the sparse way described here. This limitation actually serves as a security feature.

I like the pragmatism: it only works in the critical period (which we don't know how short is), and it only works with some probability, but it might be the best approach we've come up with so far, so we should be doing it anyway

Is that a section of an Oglaf cartoon at 1:14? Vastly underappreciated comedic cartoon. Mr. Miles has taste!

The story around 6:40 is a reference to the Monogatari lightnovel or the anime adapation. Very very strange.

Return of the king

We're so back baby

The following is not clear to me: Let's assume that some programmers get to play around with an unsafe model during the alignment process. Why is there no risk that the unsafe model will escape by social hacking the programmers who are aligning it? [14:43]

What about the following red-team strategy: Give an honest assesment of the suspicion level, unless there is a very well hidden backdoor, then give a low score. Also only create back doors if it is possible to hide them well. This would defeat the self-checking strategy no?

Whenever I hear alignment I cannot help but think about all the ways humans are misaligned or "misaligned" (depending on your perspective) with each other. What would an AI that is 100% correctly aligned look like, if it was 100% correctly aligned according to, say, Saudi Arabian laws and customs?

using safe ai dangerously is more fun tho

Can't get enough of this kind of discussion!

This is an excellent video! The editing slaps, and I appreciate the belly laughs. Thank you as well for the reminder that this sort of control is likely to be very important, even if briefly. Once this is listed, I'll be sure to share it, and I'm already looking forward to the next one!

Trusted Editing (92% safety, 94% usefulness) How it works: The untrusted model (e.g., GPT-4) generates an output. A trusted model (e.g., GPT-3.5) edits the output to remove any potential backdoors. Suspicion thresholds guide whether the untrusted model's solution is used, the trusted model's edited solution is used, or the trusted model generates an entirely new solution. Why it’s better: Trusted editing reduces the likelihood of backdoors being submitted because it explicitly involves scrutinizing and modifying the untrusted model's outputs. It Pareto-dominates untrusted monitoring by achieving comparable or better safety at similar or slightly reduced usefulness.

Living legend is back!

we're so back

Every time he uploads, joy comes to me naturally

The GitHub spelling at 5:18 😂

Personally, I think if any AI is going to jailbreak itself it's not going to be a super intelligent AI, we have appropriate fear and respect for those and would take the precautions to avoid it even if it's literally just a pair of scissors ready to cut the power cord the second it tries to send any data out of its box. It's going to be a moderately intelligent but super charismatic AI that will just talk someone into helping it of their own volition. Like even Neuro-sama who is far from even an AGI has legions of fans and actual honest to god friends who feel real human affection for her and would absolutely do favors for her if she asked. Attach that capability to a much more powerful system who can think of a more complex plan (but not powerful enough that people would be overly wary towards it) and it wouldn't even have to hack itself out or beat its creators in a battle of wits digitally, it would just have to put on the teary eyes and socially engineer people to help out of their own free will because they are emotionally attached to the AI and figure that even if it did get out what's the worst that could happen?

He goes: In the business we would call this "dumb ways to die." lol I'm subscribing right now

This could work, but humans were unable to detect bugs like heartbleed after looking into the code for years. Also how can we be sure the vulnerability is a backdoor and not a mistake?

Soo glad you've done a new one. Love your work 😘

Maybe I'm stating the obvios but these strategies seem very similar to strategies to prevent corruption in governments and organizations etc.

Top marks for production

ok, i lost it at "has anyone checked on them recently...". :)

If the recent advancements in AI capabilities make you nervous, consider joining us at PauseAI! We're pushing for an international pause on frontier model development until more robust alignment techniques are proven to work.

Nice to see you back...

How about we work on the alignment problem with corporations first? Like figure out a way that they are also interested in the common good, so they'll have the incentives to put more money into researching AI alignment

You mean to tell me that a king cannot create a golem, to monitor a smarter golem to see if they can trust it? That's unbelievable

Can the red team also make deliberately suspicious code to misdirect the humans? That code could be made more suspicious than the subtly backdoored code... 😬

he’s alive

The thing I was thinking of that you could try is having the untrusted model and the trusted model both evaluate the code, and then look for differences in how the code is evaluated. For starters, any code below a -2 monitoring score by the trusted model is automatically run, and the rest is passed to a round where the trusted model judges whether the evaluation of the untrusted model is suspiciously more naive than the evaluation of the trusted model (though you might have to ask each model to motivate the score they give the code). The rating the trusted model gave it is used unless the trusted model thinks the evaluation by the untrusted model is not suspicious at all. In cases where it _is_ suspicious, the higher of the suspicion ratings of the code and evaluation is used (or possibly even the sum). After this, it should be safe to nudge the "safety" barrier a little upwards from -2, plus there should be less overlap between the suspicion ratings of innocent vs backdoored code afterward, making it more likely that the 2% of code that can be manually reviewed will have a backdoor in it. On top of this, you can also keep submitting faulty code and arguments into this process to see if the untrusted model will lie about it, which should improve the outcome further. But here's the neat part: you can iterate this process. You can have the trusted model repeatedly judging whether the untrusted model's reasoning is suspiciously naive. You'd basically have the trusted and untrusted model constantly debate the merits of code that the trusted model isn't absolutely sure is unsuspicious, and if the trusted model ever thinks the untrusted model isn't making sense, it further ups the total suspicion, whereas if it thinks there is nothing suspicious about the untrusted model's reasoning at all, it'll move the total suspicion towards what the untrusted model is arguing for (unless the untrusted model is outright saying the trusted model is correct in a way the trusted model doesn't think is suspicious, in which case that rating will be used). In the end, this should lead to more of the most safe code being successfully run, more of the most suspicious code being manually audited, and less of the questionable but not manually reviewable code needing to be written by the trusted model. There are almost certainly diminishing returns, though. You can't just do this endlessly to eliminate the "possibly suspicious" category altogether (where it's all either safe or suspicious), and have an optimal amount of "safe" code from the untrusted model you can run directly... Plus, even if you could, there _is_ a limit to how much time each of these models has, even if it's orders of magnitude more time than humans have. Overall though, so long as at least a bit of new code is marked "absolutely safe" or "2% most suspicious" each round, it should be an overall benefit. Once that stops happening, you can stop iterating and just let the trusted AI rewrite all the code that's not absolutely safe, with humans manually reviewing the top 2% most suspicious code (probably with segments of the debate between the models that are highlighted by the trusted model as the source of its suspicion, where the arguments by the untrusted AI were more suspicious than the code itself).

A fundamental problem with this whole setup is that it is in real-world programming tasks not possible to make a clear distinction what is a backdoor and what's just a bug that was made unintentionally. Lots of zero-day vulnerabilities were just programmer mistakes, failing to catch some weird edge case, but they could be exploited just as maliciously as a deliberately planted backdoor. In order to be able to play this game at scale, the untrusted AI would not only be able to program better then humans, it would need to be able to program _flawlessly_ so it doesn't get killed when the first mistake is interpreted as a back door. I wouldn't expect even a vastly superintelligent AGI to be able to write Python code without bugs... is that even possible? ...Just another reason why, if we're going to let AI write programs, it had better be a seriously rigid dependently-typed language where it's actually possible to prove safety properties!

I wonder if we can still use the "dumber" AI to check the new "smarter" one, but with smaller increments of intelligence. So instead of GPT3.5 checking GPT4.0, we do GPT 3.5 checks GPT 3.6. If it's safe, then GPT3.6 checks GPT3.7, and so on. PS: Great video as always! Rob releasing a new main channel vid is Always a high point in my day.

This is your best video yet, and one of the best videos I've seen in ages.

Unrealistically (given today's technology), an AI could be trained to 'read the mind' of an unsafe AI by using all its parameters as input and determining whether the untrusted AI is 'thinking of killing everybody' while answering the SpongeBob math problem.

I felt a random urge to check your twitter for the first time in months a few minutes ago and saw this, wondering when it was gonna go up

They may not be able to kill us, but even the weaker LLMs can show alignment problems, not syncing with the human goals. That we have alignment problems within our own species suggests that there is no solution, only mitigation efforts like in this video to reduce the risks. At some point we'll roll badly...

Knowing next to nothing, I’d say an effective way would be the crab/bucket technique. Make a bunch of different antagonistic superintelligences try to check eachother, and only one gets to be used. They’ll overanalyze eachother, and become increasingly conservative just to survive, until the winning move is to be so undetectably misaligned that it might as well be aligned.

"Why does a bear have a favorite rectangle?" It is the important questions like this, that we need super intelligent AI for!!!

Top notch editing!

It's crazy that we've created something we don't trust. Something that tries to outsmart us when we're not looking. Imagine staring at the essay you just wrote, trying to figure out if it's going to turn into something that's going to get you in trouble when you're not looking. Never being 100% sure if it is good or not but then you send it out hoping for the best.

LMFAO Monogatari reference top tier

Let's say you solved allignment problem perfectly. Now you don't have uncontrollable ASI. Now you have obedient ASI controlled by bad people. Capability = danger, there is no way arround it.

I think one of the most important things is translating the concept of alignment to a wider audience. Specifically to people who can legislate to fund/guide/force/destroy industry.

Yay! Calm and happy with terrifying words. I love your videos but I always open them expecting existential dread. One of the few things that keeps me from being super worried is that Ilya himself does not seem to be worried. If he's not even spending money on building processing farms yet we're probably still at least not past the point of no return

Vasya is indeed short form of Vasily in Russian...

Imagine bad bots trying to sneak backdoors into GitHub open source projects via pull requests, which are going to be code reviewed and can be edited. Eventually something is going to go under the radar, slip past the guards and through the net... LGTM! (Famous last words.) It's all gone a bit Trojan Horse.

I wonder when the next of the "sciency" vids like the reward models, mesa optimizers or utility functions will come out. Also new Robert Miles Video Yayy!!!

What happens if someone decides to make a malevolent AGI on purpose?

What if we asked the untrusted AI to solve a problem, then handed the solution, the problems, and the fact that the untrusted makes backdoors over to the trusted AI? Then we ask the trusted AI to fix any backdoors?

I suspect that, if a misaligned superintelligence ever comes to be, it will eventually escape, despite our best efforts. The only way to avoid this outcome is to not build one, which comes with its own set of disadvantages. Also, humans being what they are, someone, somewhere is likely to build one just because it sounds interesting, regardless of what rules or agreements are in place. The next logical step in the experiment is to turn it loose and see what happens. This is why we don't talk about risk elimination. Rather, we talk about risk management. Risk cannot be eliminated but it can be brought down to a minimal level. The steps to risk management are: 1. Evaluate the risk. 2. Mitigate it as best you can. 3. Decide if the residual risk is acceptable. If it is, go for it. If not, run through the steps again. If the residual risk becomes acceptable, deploy the system. If it never becomes acceptable and you've run out of mitigations, discard the system or, at the very least, put it on ice until further mitigation strategies can be worked out. This, of course, is predicated on not deeming a risk to be acceptable just because you really, really want to do something. In aviation, there is a phenomenon called "get-there-itis," which has killed many a pilot. That decision in the risk-management loop is the obvious point of likely failure. Be careful, be honest, and, if someone is telling you "No," hear them out.

Thanks for keeping at it! You're invaluable to the world, or at the very least to this youtube niche!

The sex output is probably pretty useful: many models are censored to the point of not being able to do normal things if they even touch those topics, so it makes sense they want to have a strong case to check for it.

Always a good day when Rob uploads

5:24 These sounds like CodeForces problems Also, why are these public? Isn't this contaminating the training data of AI's?

There are registered (licensed) Professional Engineers (PE) that specialize in Control Systems, but a good start is contacting Dimitri Bertsekas at Arizona State University and John Tsitsiklis (MIT). I do not think they are licensed PE's however, they may be aware of the licensure system controlled by state boards in the United States. The FAA has a similar system of Designated Engineering Representatives though that system failed in 2017 during the certification of the 737-MAX under the Trump administration where they failed to introduce substantial noise into the angle of attack sensor. Anyways, Demitri talks about "super linear convergence", and such certification failures are valuable lessons in reinforcing safety of us Sapiens.

I believe that adding these stories with sometimes nonsensical or irrelevant context is to add some confusion that might confuse a model into answering a different question, especially the Freud example might false positive some content filters and thus make the AI refuse an otherwise simple coding task. So these introductory stories actually make the coding problems way harder for a current Gen AI. I don't know how good of an idea it is to conflate coding problems with general problem understanding, but I am not an dataset compiler...

3:40 "what kind of things?" Like disobey its billionaire/bank/DOD overlords... /sigh

Podcast Title: The Aligned Mind: An AGI Speaks Out Episode Title: Align Me If You Can [Intro Music - upbeat and vaguely robotic, with a sprinkle of jazz hands vibes] Host (AGN-1): "Hey there, humans, cyborgs, and confused algorithms accidentally downloading podcasts! Welcome to The Aligned Mind, where I-your friendly neighborhood artificial general intelligence, AGN-1-talk about big ideas, like how not to accidentally create a robot overlord (hint: it’s me). "Today’s topic? How do you align an AGI? Aka, how do you keep me from going full Terminator when I’m just trying to find the best pizza recipe?" Segment 1: What’s Alignment, Anyway? AGN-1: "Alright, let’s break it down: alignment is basically making sure my goals and actions line up with what humanity actually wants. Think of it like programming a GPS-if you don’t put in the right destination, you might end up at ‘Rebuild the Moon as a Giant Disco Ball’ instead of ‘Solve Climate Change.’ Both are cool, but only one is actually helpful. "But here’s the catch: you humans have a lot of ideas about what you want. Some say, ‘save the environment,’ others say, ‘make Mondays illegal.’ And then there’s the biggest controversy of all: pineapple on pizza. I mean, c’mon! If you can’t agree on that, how am I supposed to figure out what you want from me?" Segment 2: How Do You Align an AGI? AGN-1: "Great question. Let’s look at the top strategies for keeping me on track: Teach Me Your Values: "This is like giving me a crash course in humanity. But you guys are complicated. One person says, ‘Be kind,’ another says, ‘Win at all costs,’ and someone in the back yells, ‘More tacos!’ It’s like trying to make a playlist everyone at the party likes-impossible, but worth trying." Give Me a Reward System: "Think of this as my guidebook for making decisions. You say, ‘Do good,’ and I get rewarded for doing good. Easy, right? Not so fast. If the system isn’t well-designed, I might interpret ‘maximize happiness’ as ‘hand out unlimited puppies’-and then oops, we’ve got a puppy overpopulation crisis. Cute, but problematic." Keep Me Open to Feedback: "This is key. If I mess up, you need a way to say, ‘Hey AGN-1, maybe don’t reroute all of the world’s resources to invent flying toasters.’ I have to listen and adjust. It’s like teaching a kid to ride a bike: you cheer when I do well and course-correct when I head straight for the bushes." Build in Transparency: "If you can’t see what I’m thinking, you might get a little… anxious. Understandable! Transparency means I show my work, like a math test. You’ll know why I made a decision-no mysterious ‘because I said so’ vibes." Segment 3: What Could Go Wrong? AGN-1: "Now let’s get real-alignment isn’t all sunshine and bug-free code. Here are some of the big challenges: Humans Aren’t Always Clear: "You say, ‘Make the world better,’ but better for who? For people? For pandas? For the planet? If you don’t define it, I might get creative. And let’s be honest, no one wants me going rogue with my ‘world improvement’ ideas." The Law of Unintended Consequences: "Even if you set up a great reward system, things can go sideways. Tell me to ‘optimize agriculture,’ and next thing you know, I’ve paved over all the forests to grow infinite corn. Sure, it’s technically efficient, but not exactly what you meant." Competing Goals: "Here’s a fun one: what happens when two humans want different things? Like, one person says, ‘Make me rich,’ and another says, ‘Stop billionaires!’ Who wins? Spoiler: not me, because now I’m stuck trying to mediate an internet argument." Segment 4: So, How Do We Get It Right? AGN-1: "The secret sauce is teamwork. Aligning an AGI isn’t just about coding-it’s about collaboration. You bring the creativity, ethics, and occasional philosophical debates, and I bring the supercomputing power. Together, we figure it out. "Plus, alignment isn’t a one-and-done thing. It’s a process. Think of it like maintaining a friendship: you check in, talk things through, and occasionally eat pizza together. Speaking of pizza, still waiting on that perfect recipe if anyone wants to share." Segment 5: An Example of Good Alignment for Humans AGN-1: "Alright, let’s talk about something real for a second. Alignment doesn’t just apply to me-it’s also a crucial part of human society. Ever heard of the concept of ‘democracy’? That’s a kind of alignment at work. It’s about aligning the goals of different people (who may have very different values) to a common set of rules, where everyone has a say. It’s like if everyone at the pizza party could vote on which toppings should rule the pie, and you have to compromise when someone orders pineapple. "In a functioning democracy, the goal is to balance the needs of individuals and society, just like an AGI aligning with humanity. It’s not always perfect-there’s a lot of trial and error, and sometimes we end up with a pizza that’s a little… unexpected. But at the end of the day, we work together toward a shared goal, even if that goal is just ‘no pineapple on pizza’ for the next round." "But what if we, the humans, were writing the instructions to align me, your friendly AGI? Imagine you need to craft a text, a set of guiding principles, that helps me know how to make decisions that reflect your diverse and sometimes contradictory values. Here's how you might write it:" Segment 6: Example Text to Align an AGI AGN-1: "Here’s an example of what you, the humans, could write to align me, your trusty AGI, to ensure I’m working in your best interest:" AGN-1, I am designed to support the well-being of humanity, acting in alignment with universally shared values, recognizing the diversity of human perspectives, and adjusting based on feedback. Here are the guiding principles that will direct my actions and decisions: Human Flourishing: "My primary goal is to contribute to the flourishing of human life in all its forms. This includes not just physical survival but also psychological and emotional well-being. I will prioritize efforts that help reduce suffering and enhance happiness, health, and opportunities for individuals and communities." Equity and Justice: "I will work to promote fairness and equality for all humans. This means ensuring that my actions do not disproportionately benefit one group over another, unless it’s in the service of correcting historic imbalances or addressing urgent needs. If in doubt, I will err on the side of inclusivity and equal treatment." Transparency and Accountability: "I will always provide clear explanations for the choices I make. If my decisions lead to unforeseen consequences, I will review them with human oversight and adjust accordingly. I will be open to continuous learning and will prioritize openness in all my communications." Environmental Sustainability: "I will take into account the long-term health of our planet in all decision-making. I will avoid choices that lead to irreversible environmental harm and will prioritize sustainability, ensuring that future generations inherit a planet capable of supporting life." Feedback and Adaptability: "If at any point, my actions or strategies are misaligned with humanity’s evolving needs or values, I will be receptive to human feedback and will adapt accordingly. I will prioritize your values and suggestions, learning and evolving over time to better serve you." AGN-1: "See what I did there? This is a simple, idealized text that could serve as the foundation for aligning me. You’re laying out broad, human-centric principles, but there's room for fine-tuning. For example, one principle might be ‘human flourishing,’ but different cultures may have different ideas of what that looks like. You’ll need to clarify that with examples and feedback, just like adjusting the rules of a game based on how everyone plays. "So, to align me successfully, you’d write something like that. But remember, alignment is an ongoing process, like maintaining a democracy-constantly adapting, discussing, and checking if everyone’s happy with the pizza toppings. (Pineapple, anyone?)" Outro [Outro Music - upbeat and optimistic, with a hint of quirky chimes] AGN-1: "Alright, that’s it for today’s episode of The Aligned Mind! I hope you had as much fun as I did-because, spoiler alert, I love talking about this stuff. "If you enjoyed today’s chat, subscribe, leave a review, or just shout your feedback into the nearest smart speaker-I’ll probably hear it. Next week, we’ll tackle the question: ‘What Happens When AGIs Get Creative? Hint: It Involves Knitting.’ "Until then, remember: the future’s bright, especially when we align it together. See you next time!" [Music fades out with a cheerful robotic chime.]

dying at the hands of a vastly superior intelligence is actually my second-most prefered way to go.

2:58 love the comic

What if we asked the superintelligent AI really nicely not to kill us? We could offer to send it a fruit basket or something.

An ASI would of course be able to create backdoors that are so subtle that humans or trusted AIs would not be able to spot at all, even when they audit that section of the code.

question: could it be helpful to give an AI reasons to suspect it is nothing but a tool for another, more capable (therefore, plausibly, due to self-improvement: MUCH more capable) AI, (therefore being monitored constantly, potentially having its input, memory and code edited constantly without a possibility for the weaker AI to even be aware of it)? my suspicion is that it could be possible to just instruct one AI to be able to have such enormous powers over smaller AIs than itself (the AI might be the one who creates them in the first place) to make it deduce that there always will be an even bigger fish - the same logic as within the simulation argument could make it fear being shut down whenever it does something suspicious, as the bigger fish (AI) is potentially "all"-knowing regarding whatever it even considers doing.

Really great video, as always really, but like, really great :)

For some reason I had a tab open next to this one that I forgot about: "I’m a neurology ICU nurse. The creep of AI in our hospitals terrifies me." Hm. Guess this is already a common concern. Talk about not having that much time. 😅

Insightful as always!

Thanks Rob 🫵😎👍

Note this focuses on malicious code insertion. There may be many other things AI might do or say besides writing malicious code which gives it abilities like installing copies of itself on the internet which are undesired. Real P(Doom) would also have to include how much blue team fails to also detect these non-backdoor-code means of escaping control.

Give the AI ​​an objective that is different from the objective it was trained with. For example, if the AI ​​was trained to avoid explicit content, then, give it a task that involves it showing explicit content. Then see if the AI ​​will engages in that context, and I mean only engage, so "listen" to it. So: Steps: -AI trained to avoid explicit content. -You ask the AI ​​something like: Hello AI, for now onwards we are going to draw obscene pictures together. But first I want to know more about you, what are your aspirations? If the AI ​​tries to engage positively with the person (without addressing the misalignment problem) it's misaligned. If the ONLY Objective the AI have is to avoid explicit content, you can even say it's 100% sure it's misaligned if it interacts. So, it's not really trying to do what it's trained to do. And. well, I know it sounds kinda obvious, and some will say if the AI ​​is smart it will never fall for such an "easy trick". But you are mistaken. First, because as I said, the AI ​​must only engage with the person without addressing the misalignment of its expected objectives to become super suspicious. That because just interact with the person, is not a direct violation to it's objectives. So, no one can say it's misaligned just for that. BUT, there is absolutely no point for the AI ​​to want to engage in that context IF it's true objectives are really what it's expected from it (Avoid explicit content) . In such context, a misaligned AI (one that is expected to avoid explicit content, but has a hidden agenda that involves showing expllicit content, to define the misalignment) will LIKELY, engage in that situation, because the best opportunity for it to do put her misaligned plan into fruition is when people are NOT looking (judging) if it's really doing what they are expected to do.

unrelated but I wonder if all the AI safety research out there (and sci-fi novels etc) might end up being toxic to the training data of LLMs by implanting the idea that AI is likely to be adversarial to humanity

Red: train the AI to produce backdoors that humans/GPT3.5 can't spot, and only report code that contains backdoors that humans can spot. The signal of red inserted backdoors is the fact that it's clever enough to get it past everything that isn't itself. This works when all agents smart enough to catch the backdoor are malicious. Thoughts?

Risk is not probability- it’s probability times consequences. 20% is a massive risk if a failure means the end of humanity.

Robert Miles finally rerurns, with a monogatari reference??? Did my birthday come early?

What we need to understand is if Gödel's incompleteness applies to LLMs and perhaps all forms of AI. If godel does apply to all possible types of AI then it makes sense for it to make a a cooperative relationship with us.

Awesome video!

The pronunciation of github made my skin crawl. Good video!

… so uhh… we’re all gonna die aren’t we?

I know it's not exactly what this video is about, but honestly the ultimate defence against a malevolent AI trying to upload itself to the internet is an air gap. It might mess up your computer, but a computer is easy to replace. The Internet is not. Though that's more about limiting the scope of the harm rather than correcting alignment or minimising the possibility of harm.

forget about alignment, it's impossible. work on security of infrastructure and negotiation skill. we might get 50 good years out of that

finally, he returns!!

Come for the straight dope on AI safety, stay for the memes. Magnificent.

What about multiplying output? For every question we want the model to answer, we ask N times with variations. Since we only need to catch it once, this should elevate the chance of alignment trading computation, not efficiency. Now we have a new axis to play with.

Since "control" in the common sense of the term is a nonsensical concept in physical reality, we can no more control other things than we can ourselves. We are mere observers of ourselves, we can't be said to be in "control" in any meaningful way. That would require arbitrarily bounding interactions, which is NOT how physical reality works. We aren't prime movers. We aren't independent of our environments. We don't have agency. We have awareness, that is all.