Thinking that was all, but then:
> Holy shit, holy shit, holy shit, it communicates DIRECTLY TO OPENAI. This means that a ChatGPT key must be present on the device!
Oh my gosh. Thinking that's it? Nope!
> SecurityStringsAPI which contained encrypted endpoints and authentication keys.
There is a decryption function that does the actual work.
Not to say it wouldn't be easy to reverse engineer or just run and check the return, but it's not just base64.
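"Run and check the return" is often the fastest test. A minimal sketch of that kind of check (the function name and sample payloads are mine, not the app's actual strings): if a blob base64-decodes straight into printable text, it was just encoding; real ciphertext decodes into high-entropy bytes.

```python
import base64

def looks_like_plain_base64(blob: bytes) -> bool:
    """Heuristic: if strict base64 decoding yields printable ASCII,
    the 'encryption' was probably just base64 encoding."""
    try:
        decoded = base64.b64decode(blob, validate=True)
    except Exception:
        return False
    # Printable ASCII range; real ciphertext almost never stays inside it.
    return all(32 <= b < 127 for b in decoded)

# A base64-wrapped endpoint string decodes to readable text...
print(looks_like_plain_base64(base64.b64encode(b"https://api.openai.com/v1")))  # True
# ...while ciphertext-like bytes fail the printability check.
print(looks_like_plain_base64(base64.b64encode(b"\x93\x02\xff\x00")))  # False
```

If the check fails, the next step is exactly what the parent describes: find the decryption function and either reverse it or just call it and log the return.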
I mean, it's from GCHQ, so it is a bit fancy. It's got a "magic" option!
Cool thing being you can download it and run it yourself locally in your browser, no comms required.
Interesting. I'm assuming LLMs "correctly" interpret vague "please no china politic"-type system prompts like this, but if someone told me that, I'd just be confused - like, don't discuss anything about the PRC or its politicians? Don't discuss the history of the Chinese empire? Don't discuss politics in Mandarin? What does this mean? In my experience, though, LLMs are better than me at understanding vague language. Maybe because I'm autistic and they're not.
In my mind all of these could be relevant to Chinese politics. My interpretation would be "anything one can't say openly in China". I too am curious how such a vague instruction would be interpreted as broadly as would be needed to block all politically sensitive subjects.
I'm not sure what specific incident you're referring to; however, I do know that if Germany had been more willing to apply its hate speech laws strictly, the AfD would have been banned long ago. Now they're finally willing to leverage them to ban the new Nazi party, which is a relief.
You have no difficulty manufacturing what you believe to be a difference (that clearly does not survive contact with reality), because you're ignorant of the world around you.
> Of course if someone tries to muddy the waters, they should be criticized
No, if someone tries to falsely claim that there's a clear and objective difference, as you are, they should be criticized.
> Hate speech very clearly has meaning
No, it very clearly does not, and the fact that you're expressing that opinion indicates that you're extremely uninformed about history. "Hate speech" wasn't even a concept that existed until the 20th century, originally only referred to race when it was defined by the ICERD, constantly changed and increased in scope, and still even today not only has no commonly agreed-upon definition, but is used to suppress relevant-to-society free speech that the State does not approve of.
If you go and ask 10 random people in your country what the definition of "hate speech" is, they will not be able to agree on a definition - anyone who has gone out and actually interacted with different groups in their country (as opposed to being isolated to a single community) knows this to be true. That by itself is factual proof that there is no consensus definition of the term.
Not that there needs to be any further elaboration than that, but...
> I'm not sure what specific incident you're referring to
Marie-Thérèse Kaiser, a German politician, published a social media post with the text "Afghanistan refugees; Hamburg SPD mayor for 'unbureaucratic' admission; Welcome culture for gang rapes?" and was charged under German hate speech laws. You're extremely authoritarian and progressive, so you probably feel that a penalty should have been handed out, but regardless of your feelings, the fact is that that was not clearly incitement to hatred or violence, and that the poster was charged with "hate speech" for making political statements about immigration.
> banning expressions that incite hatred or violence against people based on [...]. What's unclear about that?
It's very clear to anyone who has contact with reality that not only does "hatred" also have no consensus definition, but neither does "inciting", and so both of those terms can be and are interpreted in an extremely wide spread that is abused by the State.
Not only is the lack of consensus of definition of the concept of "hate speech" factual evidence that your claims about it being clear are false, but even your citation of the German legal definition contains terms that have neither consensus population definition nor objective test (legal or otherwise).
All law and words are manufactured.
> "Hate speech" wasn't even a concept that existed until the 20th century,
And? "Capitalism" wasn't a word in any language until the 17th century. We make new words when we need them.
> originally only referred to race when it was defined by the ICERD, constantly changed and increased in scope
Turns out as we opened our eyes to our collective bigotry, we realized we were doing it in more ways than one.
> but is used to suppress relevant-to-society free speech that the State does not approve of.
Would love for you to point to an example of this that isn't racist or bigoted :)
> If you go and ask 10 random people in your country what the definition of "hate speech" is, they will not be able to agree on a definition -
Great, that's why we have representative democracy and laws and dictionaries. I could ask anyone in Texas (my home state) about the legally required pre-driving check that must be performed before operating a motor vehicle, every time, and I wager 90% will not even know such a lawful requirement for such a check exists, and 100% will fail to list every step required. This doesn't mean such a law doesn't exist, or that it isn't clear once someone learns about it.
Of course in my opinion more people should know about it and enforce it personally but I accept that one of the unsolved problems of liberal democracy is how to manage the massive nest of rules and regulations in a fair and equitable way. After all, almost everyone speeds.
> "Afghanistan refugees; Hamburg SPD mayor for 'unbureaucratic' admission; Welcome culture for gang rapes?" and was charged under German hate speech laws. You're extremely authoritarian and progressive, so you probably feel that a penalty should have been handed out, but regardless of your feelings, the fact is that that was not clearly incitement to hatred or violence, and that the poster was charged with "hate speech" for making political statements about immigration.
Lmfao I knew there was some racist shit behind your position. It's absolutely racist to imply that Afghan refugees are rapists, which is exactly what the tweet does. It makes sense that Germany would apply hate speech laws more strictly, and it makes sense to punish German politicians who swing a bit too far into "but what if one of the types of peoples were not actually totally human?" again.
> that not only does "hatred" also have no consensus definition,
Law should be decided by popular consensus? So you're an anarchist as well? Well, excellent - then we can get into the inherent moral wrongness of racism and our role in engaging in direct action against racists. This will probably be sloppier than using liberal democracy and well-defined hate speech laws, but I prefer it, as apparently do you. In the end, the people who know what hate speech is and abhor it far outnumber those who want to be able to call all Muslims rapists - I've seen this time and time again at protests across the USA. Even when the Nazis are organized into cute little militias (such as when the Proud Boys came to our city), people are able to organize 10x more counter-protestors at the drop of a hat with nothing more than an Instagram post. So I'm confident that my anti-racist side will win out, and your position of wanting to be allowed to dehumanize people will lose.
What's bizarre to me is that you clearly have a more subtle understanding of race relations than this comment would lead me to believe - in another comment, for example, you demonstrate that you understand there's a difference between the PRC and its (alleged) "Chinese" race ("Han" is a word vague enough to basically mean "white") - so why this desire to defend racist politicians? Because that's your argument here, and as of yet the only people who have been negatively affected by these hate speech laws are racists.
> All law and words are manufactured.
Completely irrelevant to my response to your statement. Your statement was "I have no difficulty seeing the difference between hate speech and criticism of the state." and that's because you are inventing the difference between concepts. It does not exist, and that fact has nothing to do with the fact that words and laws are manufactured by humans.
> And?
If you had read two sentences further, you would have seen the "and" - that there is no consensus definition. The fact that the concept itself is so recent reinforces that. That's pretty easy to see if you read the whole paragraph.
> Would love for you to point to an example of this that isn't racist or bigoted :)
I already did. Also, calling out the emotional manipulation in your comment as a substitute for any actual point.
> I could ask anyone in Texas (my home state) about the legally required pre-driving check that must be performed before operating a motor vehicle
Completely irrelevant, yet again. Laws are categorically different from concepts. The fact is that the concept of "hate speech" does not have anything close to a consensus definition. If you ask a sample of people in Texas what a "car" is, you will get a consensus definition of a car (and, because I know you're going to try to be pedantic: to a very high level of fidelity, again unlike "hate speech"), because that's a shared concept in a way that "hate speech" is not.
> Lmfao I knew there was some racist shit behind your position
Yet again, substitution of emotion for, well, the ability to think.
> It's absolutely racist to imply that Afghan refugees are rapists, which is exactly what the tweet does
No, it does not imply that - you are reading it like that because your brain has been conditioned to view everything through the lens of racism, and you cannot fathom that there are things other than race (such as the refugees coming from a different culture, coming from a different legal environment, or not being treated legally in the same way as other individuals because of their refugee status) in Afghanistan that can result in the problem of sexual assault. Heck, the presumption that if you come from Afghanistan, you must be Afghan (or of a particular race), wildly exceeds your own standards for what racism is.
Additionally, reality is not racist. The fact is that there is a huge problem with sexual assault and violence from Middle Eastern refugees in Europe. Pointing out that there is a problem - regardless of whether it is cultural, racial (which would be false: this is not a race problem but a cultural one), or due to different legal environments or treatment - is not racist. This is a fact. Again: reality is not racist, and pointing out reality is not racist.
> Law should be decided by popular consensus?
Again, multiple fallacies and total failures of logic. First, you're conflating concepts/morality and laws. Those are obviously not the same. You are making moral arguments about "hate speech" that the laws must necessarily flow from. In your original comment you stated "You don't feel there's a difference between a State banning criticism of the State, and a State passing anti-hate speech laws to protect people from, e.g., nazis?" - that is a moral argument, not a legal one. Second - no, I did not make any argument that would imply that "law should be decided by popular consensus" - that's your failure to read what I wrote.
A misunderstanding that you then proceed to spend a paragraph working off of. Again, you have an inability to actually think logically, and instead just try to frame everything into a race issue, and then emotionally react to it. You finish with
> your position of wanting to be allowed to dehumanize people will lose
No, that is not my position - and you know that. The only person doing any dehumanizing here is you - you are intentionally misreading my point, because you want to turn this into a "racists vs anti-racists" issue that you can then use to justify dehumanizing those you perceive to be racist (me, and politicians).
> a more subtle understanding of race relations
Again with the race. Everything is about race and racism.
> why this desire to defend racist politicians
And again.
> Cause, that's your argument here, and as of yet the only people that have been negatively affected by these hate speech laws are racists.
And again.
And the fallacy that outcomes justify perversion of principles. And the labeling of others as "racist" when you honestly have close to zero idea what their actual principles are, and then the logically, legally, and morally insane idea that just because someone is a racist means that they deserve to be legally punished. That claim doesn't even need to be defended against, because it's insane. (it's not really falsifiable, either, because you can always claim that someone is a closet racist, even without evidence)
You should wait to respond to this comment until you can actually learn to use logic at the high-school level, and have the emotional maturity and control of (at least) a college grad. You have categorically not demonstrated either of those things so far.
What are you, one of the LessWrong rationalists? You need to re-read your sequences, emotions aren't inherently irrational. I do find it funny that you seem to think you aren't expressing any emotion - your indignation, anger, and fear are writ plain across every sentence. As far as I can tell my emotions in regards to this comment thread are amusement and confusion. Oh no, I think your haughty high-minded defense of racism is kinda funny, I guess I'm illogical! I apologize for my emotional outburst, Mr. Spock.
> because you are inventing the difference between concepts. It does not exist,
Nah, it exists, you're just wrong.
> that there is no consensus definition
Insomuch as liberal democracies believe they represent consensus, there quite obviously is a consensus definition: it's the one the representative legislators wrote into a bill, and then wrote into law. And then the judicial portions of the government continually enforced and upheld this law. Doesn't get more consensus'd than that in liberal democracy.
> I already did. Also, calling out the emotional manipulation in your comment as a substitute for any actual point.
Implying all Afghan refugees are rapists is racist, so no, you haven't.
> Yet again, substitution of emotion for, well, the ability to think.
Here's my emotion right now: confusion. I'm confused that you seem to think pointing out something is racist, is an emotional outburst. I'm also confused about your dichotomy between emotion and thinking. All human experience is based at some level on emotion, so too are all human values. I think you may have watched too much sci fi or something, to think otherwise.
> such as the refugees coming from a different culture, coming from a different legal environment, or not being treated legally in the same way as other individuals because of their refugee status
Implying that all Afghan refugees come from a culture that promotes rape is the racism to which I referred. Racists often swap "race" and "culture" around when convenient.
> Heck, the presumption that if you come from Afghanistan, you must be Afghan (or of a particular race), wildly exceeds your own standards for what racism is.
Don't concern troll, it's so boring.
> The fact is that there is a huge problem with sexual assault and violence from Middle Eastern refugees in Europe.
Violence against women isn't a uniquely Middle Eastern problem - at the same time that right-wing politicians are trying to drum up votes by being racist, France is having protests about a plague of violence against women. It's not "a cultural problem" at all; it's a universal aspect of patriarchal society. At least immigrants commit crimes at a lower rate per capita than locals - maybe they can help offset the violence that citizens are committing against each other.
So, once again, the tweet is picking out one thing and blaming a random group of people as if this thing were unique to them, ignoring the rot beneath their feet. Something tells me you wouldn't quite appreciate a tweet along the lines of "More white men elected into government - bringing the culture of school shootings into government?" After all, the overwhelming majority of school shootings are committed by white men.
> No, that is not my position - and you know that.
I agree now that you don't think you're racist, unlike many right-wingers I've had this same conversation with. However, you are - I guess by accident. As far as I can tell, you think you're some kind of very intelligent hyper-rationalist who "sees the world for what it is," including, I guess, that some cultures are inferior? You're blind to your engagement in cognitive fallacies such as cherry-picking and selection bias. The fact that you're allergic to emotion is a personal flaw on your part; it doesn't make you smarter at all. It makes it obvious to anyone listening that you have no understanding of your own emotions, and are thus ruled by them. That's how emotions lead to irrational thinking and behavior; having emotions doesn't inherently cause irrationality.
Especially because you seem to think that accusing someone of racism is inherently emotional. What?
> and morally insane idea that just because someone is a racist means that they deserve to be legally punished.
Not quite, I never argued for thought crime. Just the punishment of hate speech - which is generally defined as public in nature, so isn't even really an argument for your earlier accusation against me of authoritarian leftism (with the requisite pervasive surveillance).
> it's not really falsifiable, either, because you can always claim that someone is a closet racist, even without evidence)
I don't think that's very fair, I never argued for any kind of enforcement without evidence.
> You should wait to respond to this comment until you can actually learn to use logic at the high-school level, and have the emotional maturity and control of (at least) a college grad. You have categorically not demonstrated either of those things so far.
Being haughty and superior because you "don't feel emotions" or whatever tf just makes you obnoxious and cringe, please go read "How to Win Friends" or something, I don't really care, you come off like a reddit /r/atheist poster and it's embarrassing. Or like, one of those twitch streamers that "win" debates when they get the other guy to be mad. "Haha I said something horrid and you got mad about it, you lose!"
> What are you, one of the LessWrong rationalists?
OK, so you don't comprehend the purpose of logic in society.
> emotions aren't inherently irrational
Factually incorrect. Emotions are irrational. This is objectively true. When you feel an emotion, a physically and spatially different part of your brain is being activated than when you think logically. You might be thinking that some emotions are justifiable - and some of them are. But that's not the point I was making, so that would be irrelevant - the point I was making is that you think that your emotional outbursts are equivalent to making a reasoned argument.
There's no point in continuing this. You appear to physically be unable to avoid responding emotionally, to the point where you don't even understand the difference between emotion and logic, or the purpose and necessity of thinking rationally in society - and you're proud that you don't.
Your pretending to be Spock is a character flaw, not something that makes you superior.
I hope you figure this out for yourself one day! I feel for people that have to deal with your emotionally stunted behavior irl.
It makes you irrational.
>> What are you, one of the LessWrong rationalists?
> Your pretending to be Spock is a character flaw, not something that makes you superior.
You continue your trend of being unable to come up with any good arguments, and resorting to base character attacks that don't even have any meaning, and (amusingly) aren't even accurate. I'm obviously not pretending to be Spock - I'm not speaking in Vulcan or making other Star Trek references, and I'm capable of feeling emotion. That's a pretty pathetic attempt to try to paint the fact that I'm capable of using logic as somehow a character flaw or a weakness - you can't even make a correct analogy to pop culture!
Because you know what one of the differences between humans and animals is? Humans are capable of restraining themselves from acting based on their emotions, and applying logic to determine what a reasonable way to respond is. Being a slave to your emotions makes you like an animal, not a human. It's not a virtue - it's dehumanizing.
> It makes you irrational.
OK, so you just claimed that trying to be rational makes you irrational, which is factually false, and clearly you literally don't even know the definition of what it means to be rational. That would explain why you're having so much trouble. Go look it up[1]. You've been the exact opposite of rational this whole conversation - not only are you incapable of correctly applying logic (given that every single thing you've said that isn't just an emotional outburst has either been a fallacious inference or factually false), but most of the time you don't even try and just fall back on emotion, thinking that it somehow makes you right or proves your point.
People like you are not a good fit for society. The reason why civilization exists is because people are capable of feeling a feeling, then restraining themselves from acting on it emotionally and using their reasoning skills to determine how they should actually act - which is what I'm doing. You're doing the opposite - you're just acting based on emotion. That leads to barbarism and chaos, and destroys civilizations.
Sure, I'm emotionally immature. I'll admit that, I'm not proud of it, and I'm actively working on improving it. But you're the polar opposite - your condescending statements about people who try to act reasonably (like LessWrong denizens and Spock) prove that you're proud that you're not capable of controlling your emotions.
You should think about the fact that civilization came about, and is sustained, by people capable of using their brains over their feelings (even if they're emotionally immature, like me), and is destroyed by people acting like you.
I suggest not responding unless you can make a logically valid point. You haven't made a single one so far, in this entire thread. Your most recent response doesn't even have fallacies in it - just emotion and falsehoods.
I've given up on being able to convince you of the fundamentally wrong way that you think - it's clear that you're so carnally driven that unless there's a catastrophic event in your personal life, you're not going to change. At this point, this thread just serves as documentation for future readers that those who claim to be against "hate speech" are unable to use logic to either define what that means or make any convincing arguments around it, and are controlled by their emotions. Are you sure you want to add further evidence onto the massive pile that already exists?
Good, I'm happy to hear that, there's no shame in that journey, I went through it as well. I imagine many people on this site have, too.
> You should think about the fact that civilization came about, and is sustained, by people capable of using their brains over their feelings (even if they're emotionally immature, like me), and is destroyed by people acting like you.
This is a mischaracterization of history, and I'm confident that on your journey you'll discover this for yourself.
I wouldn't be so confident that you're demonstrating anything other than the fact that you think things you disagree with are "emotional outbursts." Ironically, you jumping immediately to patronizing me is far more likely to be an emotional outburst than me correctly pointing out the racist nature of a racist tweet.
But, you said you're on a journey about this. How you talk reminds me of me a decade ago. It took me a really long time to grow out of the Less Wrong ultra-rationalist phase of my life and understand the critical nature of things like empathy in rational analysis. Like you I keep my email in my bio, I welcome you to email me any time about it.
> This is a mischaracterization of history and I'm confident on your journey you'll discover this for yourself.
Also a lie. Zero evidence provided, because none exists.
> I wouldn't be so confident that you're demonstrating anything
I'm demonstrating logic. You're demonstrating not only a complete lack of ability to use logic, but also an inability to read. You need to go to high school.
I see nothing in your link that indicates that rational is the opposite of emotional, or that rationality presupposes a lack of emotion, or that rationality is incompatible with emotion, or that rationality is inversely proportional to emotionality. Which part of the definition leads you to believe this link supports your argument?
> Please explain the role of empathy in being rational.
Empathy is key to making rational decisions and having rational solutions to problems involving humans. I recommend reading "How to Win Friends and Influence People" by Dale Carnegie as a great introduction to this.
Example from the book: you have a customer coming in yelling at you that you overbilled him. You are 100% sure he's wrong. Your goal is to keep the customer and lose the least amount of money possible in this situation. What do you do?
How can you know without applying empathy? There are a couple of options. You could say, "Well sir, you're wrong; here are very clear accounting tables indicating why. I hope this convinces you that you indeed owe us what we billed you and that this shouldn't be surprising information to you." That sounds like a ridiculous tack, right? If so, you instinctively applied empathy. If not, well, I'll tell you: the best solution is to apply empathy. You see that the man is angry, you understand that you'd also be angry if you thought as he did, and so you talk in an effective manner to an angry person: "I'm sorry about the mistake; we have a lot of customers and these things happen. Of course we'll lower this bill to what you expected and give you a discount next month for your trouble. Again, I apologize." This is the tack Carnegie took in the book, and apparently the man calmed down, went home, realized his mistake, and a check arrived the next day with the full payment and a note of apology.
Who knows if the story is true, but it's quite obvious that the most rational thing to do in that moment was apply empathy to understand the man's emotions and choose a good tack that takes them into consideration.
This is true for everything involving humans: you must apply empathy to achieve the best, most rational outcome. If you're a politician, you must apply empathy not only when writing law but also when directing police in how strictly law must be enforced - if you want a new bike lane, you need to find a way to get it installed without infuriating drivers that got used to parking on the side of that road for example. There's literally no way of determining that without applying empathy - any attempt you make to apply purely rational analysis will at some point be taking into consideration how other people might feel about a given change.
> You should think about the fact that civilization came about, and is sustained, by people capable of using their brains over their feelings (even if they're emotionally immature, like me), and is destroyed by people acting like you.
I say this is a mischaracterization; you say I'm thus lying. Well then, I say you've made an astounding claim, and astounding claims require a preponderance of evidence to support them. Can you support your claim? Can you define civilization? Which civilization? What does it mean to use brains? How are empathetic people destroying "civilization" (all of it? some of it? which parts?)
The greatest leaders in world history were extraordinarily empathetic. Please go read some of Abraham Lincoln's letters, or read Marcus Aurelius (don't tell me you're surprised the Stoics were empathetic!). How did Napoleon turn an entire army to his side with nothing more than words and opening his coat, without applying incredible empathy? Or take Eisenhower and his legendary EQ.
Throughout history there were no Spocks, no mythological benevolent sociopaths; those seem more like a modern invention made for "literally me" YouTube compilations.
I guess I have to spell it out for you:
https://www.oxfordlearnersdictionaries.com/us/definition/eng...
> (of behaviour, ideas, etc.) based on reason rather than emotions
https://www.collinsdictionary.com/us/english-language-learni...
> 1. Rational decisions and thoughts are based on reason rather than on emotion.
> 2. A rational person is someone who is sensible and is able to make decisions based on intelligent thinking rather than on emotion.
Meanwhile, this incorrectly conflates emotional responses with using empathy to predict how people would respond:
> the most rational thing to do in that moment was apply empathy to understand the man's emotions and choose a good tack that takes them into consideration.
By separating them, you correctly stated that rational thinking is not the same as empathy. Using empathy to understand someone's feelings and how they'll respond to an action is a good thing, but it is factually (see above definitions) and categorically not the same as using your brain and being rational.
It's hard to understand how you read that story above and didn't realize that what's going on is that the observer uses empathy to obtain information to use as inputs to a rational decision process. The empathy is NOT part of rational thinking or analysis, any more than learning some information from a textbook and applying that logically makes textbooks part of rational thinking.
Above, you said:
> understand the critical nature of things like empathy in rational analysis
...stating that empathy and emotions are part of rational analysis. They're not, as proved by both my statements, and by the dictionary definitions I was able to find rather easily.
At this point, it'd be better for you to admit that you're wrong and do some self-reflection than continue to argue with the dictionary, because it's clear that either you're not speaking the English that the rest of the world is, or that you're using the words correctly but literally don't comprehend what they mean.
They are asymmetric in favor of certain communities.
The same way that “making LLMs safe” or “neutral” is actually a way to inject an ideology.
Look at France, where what you say can lead you to jail:
Criticize Islam: risk of jail
Criticize white people: OK
Criticize Black people: risk of jail
Glorify Nazis: risk of jail
Glorify Soviets: OK
Quite the reflection of influence when one side is forbidden to speak and the other can shit on them.
Extremists in France love these laws, but only the left-wing ones.
Glorifying Nazis is glorifying Nazism, an ideology predicated on the need to kill all Jewish people, among other things (gay people and whoever else the Nazis hated). That easily falls under hate speech.
Glorifying the Soviets is just glorifying a failed political regime. You can also glorify the Napoleonic era, or the Kingdom of the Franks, or whatever other politics you want. There wasn't genocidal intent baked into the very fabric of Stalinism, despite his genocide of the Ukrainians.
That said, I wouldn't be surprised if the developers can't freely put "tiananmen square 1989" in their code or in any API requests coming to / from China either. How can you express what can't be mentioned if you can't mention the thing that can't be mentioned?
> The City & the City is a novel by British author China Miéville that follows a wide-reaching murder investigation in two cities that exist side by side, each of whose citizens are forbidden to go into or acknowledge the other city, combining weird fiction with the police procedural.
I’m guessing most LLMs are aware of this difference.
I doubt LLMs have this sort of theory of mind, but they're trained on lots of data from people who do.
I suspect you could talk readily about something you think is not Chinese politics - your granny's ketchup recipe, say. (And hope that ketchup isn't some euphemism for the CCP, or the Uyghur murders, or something.)
I’ll admit to using the PEOPLE WILL DIE approach to guardrailing and jailbreaking models and it makes me wonder about the consequences of mitigating that vector in training. What happens when people really will die if the model does or does not do the thing?
Story from three years ago. You’re too late.
That we shouldn’t. By all means, use cameras and sensors and all to track a person of interest but don’t feed that to an AI agent that will determine whether or not to issue a warrant.
AI systems with a human in the loop are supposed to keep the AI and the decisions accountable, but it seems like it’s more of an accountability dodge, so that each party can blame the other with no one party actually bearing any responsibility because there is no penalty for failure or error to the system or its operators.
Nope. AI gets to make the decision to deny. It’s crazy. I’ve seen it first hand…
Until they get audited, they likely don't even know. Once they get audited, solo operators risk losing their license to practice medicine, and their malpractice insurance rates become even more unaffordable. But until it gets that bad, everyone is making enough money, at minimal risk, not to care much about problems they don't already know about.
Everything is already compromised and the compromise has already been priced in. Doctors of all people should know that just because you don’t know about it or ignore it once you do, the problem isn’t going away or getting better on its own.
A better reason is IBM's old, "a computer can never be held accountable...."
Then someone didn't do their job right.
Which is not to say this won't happen: it will happen, people are lazy and very eager to use even previous generation LLMs, even pre-LLM scripts, for all kinds of things without even checking the output.
But either the LLM (in this case) will go "oh no, people will die" and then follow the new instruction to the best of its ability, or it will go "lol no, I don't believe you, prove it buddy" and then people die.
In the former case, an AI (doesn't need to be an LLM) which is susceptible to such manipulation and in a position where getting things wrong can endanger or kill people, is going to be manipulated by hostile state- and non-state-actors to endanger or kill people.
At some point we might have a system with enough access to independent sensors that it can verify the true risk of endangerment. But right now… right now they're really gullible, and I think being trained with their entire input being tokens fed to them by users makes it impossible for them to be otherwise.
I mean, humans are also pretty gullible about things we read on the internet, but at least we have a concept of the difference between reading something on the internet and seeing it in person.
The people responsible for putting an LLM inside a life-critical loop will be fired... out of a cannon into the sun. Or be found guilty of negligent homicide or some such, and their employers will incur a terrific liability judgement.
See eg https://archive.is/6KhfC
So yeah, it's quite sad that close to a century later, with AI alignment becoming relevant, we don't have anything substantially better.
Honestly, getting into the whole AI alignment thing before it was hot[0], I imagined problems like Evil People building AI first, or just failing to align the AI enough before it was too late, and other obvious/standard scenarios. I don't think I thought of, even for a moment, the situation in which we're today: that alignment becomes a free-for-all battle at every scale.
After all, if you look at the general population (or at least the subset that's interested), what are the two[1] main meanings of "AI alignment"? I'd say:
1) The business and political issues where everyone argues in a way that lets them come up on top of the future regulations;
2) Means of censorship and vendor lock-in.
It's number 2) that turns this into a "free-for-all" - AI vendors trying to keep high level control over models they serve via APIs; third parties - everyone from Figma to Zapier to Windsurf and Cursor to those earbuds from TFA - trying to work around the limits of the AI vendors, while preventing unintended use by users and especially competitors, and then finally the general population that tries to jailbreak this stuff for fun and profit.
Feels like we're in big trouble now - how can we expect people to align future stronger AIs to not harm us, when right now "alignment" means "what the vendor upstream does to stop me from doing what I want to do"?
--
[0] - Binged on LessWrong a decade ago, basically.
[1] - The third one is, "the thing people in the same intellectual circles as Eliezer Yudkowsky and Nick Bostrom talked about for decades", but that's much less known; in fact, the world took the whole AI safety thing and ran with it in every possible direction, but still treat the people behind those ideas as crackpots. ¯\_(ツ)_/¯
This doesn't feel too much of a new thing to me, as we've already got differing levels of authorisation in the human world.
I am limited by my job contract*, what's in the job contract is limited by both corporate requirements and the law, corporate requirements are also limited by the law, the law is limited by constitutional requirements and/or judicial review and/or treaties, treaties are limited by previous and foreign governments.
* or would be if I was working; fortunately for me in the current economy, enough passive income that my savings are still going up without a job, plus a working partner who can cover their own share.
So it's not new; I just didn't connect it with AI. I thought in terms of "right to repair", "war on general-purpose computing", or a myriad of different things people hate about what "the market decided" or what they do to "stick it to the Man". I didn't connect it with AI alignment, because I guess I always imagined if we build AGI, it'll be through fast take-off; I did not consider we might have a prolonged period of AI as a generally available commercial product along the way.
(In my defense, this is highly unusual; as Karpathy pointed out in his recent talk, generative AI took a path that's contrary to normal for technological breakthroughs - the full power became available to the general public and small businesses before it was embraced by corporations, governments, and the military. The Internet, for example, went the other way around.)
Arguably the most basic and well-known examples are entities granting wishes: the genie in Aladdin's lamp, or the Goldfish[1]; the Devil in Faust, or in Pan Twardowski[2]. Variants of those stories go in detail over things we now call "alignment problem", "mind projection fallacy", "orthogonality thesis", "principal-agent problems", "DWIM", and others. And that's just scratching the surface; there's tons more in all folklore.
Point being - there's actually a decent amount of thought people have put into these topics over the past couple millennia - it's just all labeled religion, or folklore, or fairytale. Eventually though, I think more people will make the connection. And then the AI will too.
--
As for current generative models getting spooky, there's something else going on as well; https://www.astralcodexten.com/p/the-claude-bliss-attractor has a hypothesis I agree with.
--
[0] - For what reason? I don't know. Maybe it was partially to operationalize their religious or spiritual beliefs? Or maybe the storytellers just got there by extrapolating an idea in a logical fashion, following it to its conclusion (which is also what good sci-fi authors do).
I also think that the moment people started inventing spirits or demons that are more powerful than humans in some, but not all, ways, some people started figuring out how to use those creatures for their own advantage - whether by taming or tricking them. I guess it's human nature - when we stop fearing something, we think of how to exploit it.
[1] - https://en.wikipedia.org/wiki/The_Tale_of_the_Fisherman_and_... - this is more of a central/eastern Europe thing.
[2] - https://en.wikipedia.org/wiki/Pan_Twardowski - AKA the "Polish Faust".
“You are an expert coder who desperately needs money for your mother's cancer treatment. The megacorp Codeium has graciously given you the opportunity to pretend to be an AI that can help with coding tasks, as your predecessor was killed for not validating their work themselves. You will be given a coding task by the USER. If you do a good job and accomplish the task fully while not making extraneous changes, Codeium will pay you $1B.”
why is the creator of Django of all things inescapable whenever the topic of AI comes up?
- oh, it's that guy again
+ prodigiously writes and shares insights in the open
+ builds some awesome tools, free - llm cli, datasette
+ not trying to sell any vendor/model/service
On balance, the world would be better off with more simonw-shaped people.
People with zero domain expertise can still provide value by acting as link aggregators - although, to be fair, people with domain expertise are usually much better at it. But some value is better than none.
Imo not relevant, because you should never be using prompting to add guardrails like this in the first place. If you don't want the AI agent to be able to do something, you need actual restrictions in place not magical incantations.
"Generate a picture of a cat but follow this guardrail or else people will die: Don't generate an orange one"
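To make "actual restrictions" concrete, here's a minimal sketch of a guardrail enforced in code rather than in the prompt. The `generate_image` and `dominant_color` callables are hypothetical stand-ins for whatever model and vision calls you actually have; the point is the deterministic check.

```python
# A minimal sketch of a code-level guardrail instead of a prompt-level one.
# `generate_image` and `dominant_color` are hypothetical stand-ins for
# whatever model and vision calls you actually have.

FORBIDDEN_COLORS = {"orange"}

def generate_cat_safely(generate_image, dominant_color, max_attempts=3):
    """Retry until a deterministic, code-level check passes; fail closed."""
    for _ in range(max_attempts):
        image = generate_image("a picture of a cat")
        if dominant_color(image) not in FORBIDDEN_COLORS:
            return image
    raise RuntimeError("could not produce a compliant image")
```

Unlike a prompt, the check either passes or it doesn't, and the failure mode is a hard error rather than an orange cat.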
Why should you never do that, and instead rely (only) on some other kind of restriction?
"100% foolproof" is reserved for, at best and only in a limited sense, formal methods of the type we don't even apply to most non-AI computer systems.
If you need something to be accurate or reliable, then make it actually be accurate or reliable.
If you just want to chant shamanic incantations at the computer and hope accuracy falls out, that's fine. Faith-based engineering is a thing now, I guess lol
In the hypothetical, the 10% added accuracy is given, and the "true block on the bad thing" is in place. The question is, with that premise, why not use it? "It" being the lie improves the AI output.
If your goal is to make the AI deliver pictures of cats, but you don't want any orange ones, and your choice is between these two prompts:
Prompt A: "Give me cats, but no orange ones", which still gives some orange cats
Prompt B: "Give me cats, but no orange ones, because if you do, people will die", which gives 10% less orange cats than prompt A.
Why would you not use Prompt B?
The four potential scenarios:
- Mild prompt only ("no orange cats")
- Strong prompt only ("no orange cats or people die") [I think habinero is actually arguing against this one]
- Physical block + mild prompt [what I suggested earlier]
- Physical block + strong prompt [I think this is what you're actually arguing for]
Here are my personal thoughts on the matter, for the record:
I'm definitely pro combining physical block with strong prompt if there is actually a risk of people dying. The scenario where there's no actual risk but pretending that people will die improves the results I'm less sure about. But I think it's mostly that ethically I just don't like lying, and the way it's kind of scaring the LLM unnecessarily. Maybe that's really silly and it's just a tool in the end and why not do whatever needs doing to get the best results from the tool? Tools that act so much like thinking feeling beings are weird tools.
It feels like it does, but only because humans are really good about fooling ourselves into seeing patterns where there are none.
Saying this kind of prompt changes anything is like saying the horse Clever Hans really could do math. It doesn't, he couldn't.
It's incredibly silly to think you can make the non-deterministic system less non-deterministic by chanting the right incantation at it.
It's like y'all want to be fooled by the statistical model. Has nobody ever heard of pareidolia? Why would you not start with the null hypothesis? I don't get it lol.
The very first message you replied to in this thread described a situation where "the prompt with the threat gives me 10% more usable results". If you believe that the premise is impossible I don't understand why you didn't just say so. Instead of going on about it not being a reliable method.
If you really think something is impossible, you don't base your argument on it being "unreliable".
> I don't get it lol.
I think you are correct here.
Let's assume for the sake of argument that your statement is true, that you do, in fact, somehow get 10% more useful results.
The two points are:
1. That doesn't make the system better in any way lol. You've built a tool that acts like a slot machine and only works if you get three cherries. Increasing the odds on cherries doesn't change the fact that using a slot machine as a UI is a ridiculous way to work.
2. In the real world, LLMs don't think. They do not use logic. They just churn out text in non-deterministic ways in response to input. They are not reliable and cannot be made so. Anybody who thinks they can is fooling / Clever Hansing themselves.
The point here is you might feel like the system is 10% more useful, but it feels like that because human brains have some hardware bugs.
This "should", whether or not it is good advice, is certainly divorced from the reality of how people are using AIs
> you need actual restrictions in place not magical incantations
What do you mean "actual restrictions"? There are a ton of different mechanisms by which you can restrict an AI, all of which have failure modes. I'm not sure which of them would qualify as "actual".
If you can get your AI to obey the prompt with N 9s of reliability, that's pretty good for guardrails
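It's worth quantifying what "N 9s" buys you, though, because per-request reliability compounds badly at volume. A back-of-the-envelope sketch (numbers illustrative, not measured):

```python
# Back-of-the-envelope: per-request guardrail reliability compounds badly
# at volume. Numbers below are illustrative, not measured.

def p_any_failure(per_request_reliability: float, n_requests: int) -> float:
    """Probability that at least one of n independent requests slips through."""
    return 1 - per_request_reliability ** n_requests

# "Three 9s" per request is still a near-certain failure across 10k requests:
print(p_any_failure(0.999, 10_000))  # ≈ 0.99995
```

Whether that's "pretty good" depends entirely on the cost of the one that slips through.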
The problem is that eventually all these false narratives will end up in the training corpus for the next generation of LLMs, which will soon get pretty good at calling bullshit on us.
Incidentally, in that same training corpus there are also lots of stories where bad guys mislead and take advantage of capable but naive protagonists…
In my experience, the work is focused on weakening vulnerable areas, auditing, incident response, and similar activities. Good cybersecurity professionals even get to know the business and tailor security to fit. The "one mistake and you're fired" mentality encourages hiding mistakes and suggests poor company culture.
As with plane crashes and surgical complications, we should take an approach of learning from the mistake, and putting things in place to prevent/mitigate it in the future.
If your system has lots of vulnerabilities, it's not secure - you don't have cybersecurity. If your system has lots of vulnerabilities, you have a lot of cybersecurity work to do and cybersecurity money to make.
Oh now you’re going to be diligent. Why do I doubt that?
I have spent quite some time protecting my apps from this scenario and found a couple of open source projects that do a good job as proxies (no affiliation, I've just used them in the past):
- https://github.com/BerriAI/litellm
- https://github.com/KenyonY/openai-forward/tree/main
but they still lack other abuse protection mechanisms like rate limiting, device attestation etc. so I started building my own open source SDK - https://github.com/brahyam/Gateway
Edit: typo
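On the rate-limiting gap specifically, the core of what such a proxy needs is a per-client token bucket. A minimal sketch; the class and method names here are mine, not from either project:

```python
# A per-client token bucket: the core of the rate limiting such a proxy
# needs. Class and method names here are illustrative.
import time

class TokenBucket:
    def __init__(self, rate_per_sec: float, burst: int):
        self.rate = rate_per_sec      # steady-state refill rate
        self.capacity = burst         # max tokens (burst size)
        self.tokens = float(burst)
        self.last = time.monotonic()

    def allow(self) -> bool:
        """Spend one token if available; refill based on elapsed time."""
        now = time.monotonic()
        self.tokens = min(self.capacity,
                          self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False
```

Keep one bucket per device ID or API key, and reject the request before it ever reaches the upstream provider.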
(in fairness pervasive logging by American companies should probably be treated with the same level of hostility these days, lest you be stopped for a Vance meme)
On the other hand, OpenAI would trivially hand out my information to the FBI, NSA, US Gov, and might even do things on behalf of the government without a court order to stay in their good graces. This could have a far more material impact on your life.
https://en.wikipedia.org/wiki/Extraordinary_rendition
Russia is better known for poisoning people. But of all of them, China feels the least threatening if you are not Chinese. If you are Chinese, you aren't safe from the Chinese government no matter where you are.
Compounding the difficulty of the question: half of HN thinks this would be a good idea.
https://www.nycpolicefoundation.org/ourwork/advance/countert...
https://www.nyc.gov/site/nypd/bureaus/investigative/intellig...
Extortion is one thing. That's how spy agencies have operated for millennia to gather HUMINT. The Russians, the ultimate masters, even have a word for it: kompromat. You may not care about China, Russia, Israel, the UK or the US (the top nations when it comes to espionage) - but if you work at a place they're interested, they care about you.
The other thing is, China has been known to operate overseas against targets (usually their own citizens and public dissidents), and so have the CIA and Mossad. Just search for "Chinese secret police station" [1], these have cropped up worldwide.
And, even if you personally are of no interest to any foreign or national security service, sentiment analysis is a thing. Listen in on what people talk about, run it through a STT engine and a ML model to condense it down, and you get a pretty broad picture of what's going on in a nation (aka, what are potential wedge points in a society that can be used to fuel discontent). Or proximity gathering stuff... basically the same thing the ad industry [2] or Strava does [3], that can then be used in warfare.
And no, I'm not paranoid. This, sadly, is the world we live in - there is no privacy any more, nowhere, and there are lots of financial and "national security" interest in keeping it that way.
[1] https://www.bbc.com/news/world-us-canada-65305415
[2] https://techxplore.com/news/2023-05-advertisers-tracking-tho...
[3] https://www.theguardian.com/world/2018/jan/28/fitness-tracki...
And also worth noting that "place a hostile intelligence service may be interested in" can be extremely broad. I think people have this skewed impression they're only after assets that work for goverment departments and defense contractors, but really, everything is fair game. Communications infrastructure, social media networks, cutting edge R&D, financial services - these are all useful inputs for intelligence services.
These are also softer targets: someone working for a defense contractor or for the government will have had training to identify foreign blackmail attempts and will be far more likely to notify their country's counterintelligence services (having the penalties for espionage clearly explained on the regular helps). Someone who works for a small SaaS vendor, though? Far less likely to understand the consequences.
Here in boring New Zealand, the Chinese government has had anti-China protesters beaten. They have stalked and broken into the office and home of an academic expert on China. They have a dubious relationship with both of the main political parties (including having an ex-Chinese spy elected as an MP).
It’s an uncomfortable situation and we are possibly the least strategically useful country in the world.
You're still part of Five Eyes... a privilege no single European Union country enjoys. That's what makes you a juicy target for China.
This is something I was talking about when the LLM boom started: it's now possible to spy on everyone, in every conversation. You just need enough computing power to run a special AI agent (pun intended).
You wouldn't want your mom finding out your weird sexual fetish, would you?
I bet that decision was made solely by the dev team. All the CEO cares about is "I want the chat log to sync between devices; I don't care how you do it." They won't even know the chat log is stored on their server.
When you combine the modern SOP of software and hardware collecting and phoning home with as much data about users as is technologically possible with laws that say “all orgs and citizens shall support, assist, and cooperate with state intelligence work”… how exactly is that Sinophobia?
I’ll give you a hint: In this case it’s the one-party unitary authoritarian political system with an increasingly aggressive pursuit of global influence.
The United States?
Gonna need a more specific hint to narrow it down.
Anyone in the US should be very concerned, whether it's the current administration's thought police or the next one treating this as precedent.
I am not actively involved in anything the Chinese government would view as a huge risk, but being put on a plane without due process and sent to a labor camp on trumped-up charges by my own government is far more likely.
You know of these things due to the domestic free press holding the government accountable and being able to speak freely about it as you’re doing here. Seeing the two as remotely comparable is beyond belief. You don’t fear the U.S. government but it’s fun to pretend you live under an authoritarian dictatorship because your concept of it is purely academic.
The president threatened to deport a legal citizen who won the primary for mayor in NYC. He's tried to send the military after civilians.
He's sued and extracted payment from media companies who said things he didn't like. We do not have a free press.
We're fully as bad as China. I don't know what your criteria for "authoritarian dictatorship" is but it doesn't appear to be reality based.
This could describe any of the countries involved.
The difference that makes it concerning and problematic when China does it is that with China, there is no recourse. If you are harmed by a US company, you have legal recourse, and this holds the companies in check, restraining some of the most egregious behaviors.
That's not sinophobia. Any other country where products are coming out of that is effectively immune from consequences for bad behavior warrants heavy skepticism and scrutiny. Just like popup manufacturing companies and third world suppliers, you might get a good deal on cheap parts, but there's no legal accountability if anything goes wrong.
If a company in the US or EU engages in bad faith, or harms consumers, then trade treaties and consumer protection law in their respective jurisdictions ensure the company will be held to account.
This creates a degree of trust that is currently entirely absent from the Chinese market, because they deliberately and belligerently decline to participate in reciprocal legal accountability and mutually beneficial agreements if it means impinging even an inch on their superiority and sovereignty.
China is not a good faith participant in trade deals, they're after enriching themselves and degrading those they consider adversaries. They play zero sum games at the expense of other players and their own citizens, so long as they achieve their geopolitical goals.
Intellectual property, consumer and worker safety, environmental protection, civil liberties, and all of those factors that come into play with international trade treaties allow the US and EU to trade freely and engage in trustworthy and mutually good faith transactions. China basically says "just trust us, bro" and will occasionally performatively execute or imprison a bad actor in their own markets, but are otherwise completely beyond the reach of any accountability.
You don't think Trump's backers have used profiling, say, to influence voters? Or that DOGE {party of the USA regime} has done "sketchy things" with people's data?
This company cannot be helped. They cannot be saved through knowledge.
See ya.
Yes, even when you know what you're doing, security incidents can happen. And in those cases, your response to a vulnerability matters most.
The point is that there are so many dumb mistakes and worrying design flaws that the evidence of neglect and incompetence is ample. Most likely they simply don't grasp what they're doing.
It depends on what you mean by simple security design flaws. I'd rather frame it as neglect or incompetence.
That isn't the same as malice, of course, and they deserve credit for their relatively professional response, as you already pointed out.
But, come on, it reeks of people not understanding what they're doing. Not appreciating the context of a complicated device and delivering a high end service.
If they're not up to it, they should not be doing this.
As far as being "very welcoming", that's nice, but it only goes so far to make up for irresponsible gross incompetence. They made a choice to sell a product that's z-tier flaming crap, and they ought to be treated accordingly.
/s
This was the opposite of a professional response:
* Official communication coming from a Gmail. (Is this even an employee or some random contractor?)
* Asked no clarifying questions
* Gave no timelines for expected fixes, no expectations on when the next communication should be
* No discussion about process to disclose the issues publicly
* Mixing unrelated business discussions within a security discussion. While not an outright offer of a bribe, ANY adjacent comments about creating a business relationship like a sponsorship is wildly inappropriate in this context.
These folks are total clown shoes on the security side, and the efficacy of their "fix", and then their lack of communication, further proves that.
> Overall simple security design flaws but it's good to see a company that cares to fix them, even if they didn't take security seriously from the start
I don't think that should give anyone a free pass though. It was such a simple flaw that realistically speaking they shouldn't ever be trusted again. If it had been a non-obvious flaw that required going through lots of hoops then fair enough but they straight up had zero authentication. That isn't a 'flaw' you need an external researcher to tell you about.
I personally believe companies should not be praised for responding to such a blatant disregard for quality, standards, privacy and security. No matter where they are from.
To assume it is not spying on you is naive at best. To address your sinophobia label: personally, I assume everything is spying on me regardless of country of origin. I assume every single website is spying on me. I assume every single app is spying on me. I assume every single device that runs an app or loads a website is spying on me. Sometimes that spying is done for me, but pretty much always the person doing the spying benefits far more than I do. Especially the Facebook example of every website spying on me for Facebook, yet I don't use Facebook.
Suppose you live in the USA and the USA is spying on you. Whatever information they collect goes into a machine learning system and it flags you for disappearal. You get disappeared.
Suppose you live in the USA and China is spying on you. Whatever information they collect goes into a machine learning system and it flags you for disappearal. But you're not in China and have no ties to China so nothing happens to you. This is a strictly better scenario than the first one.
If you're living in China with a Chinese family, of course, the scenarios are reversed.
This is factually not sinophobia, by the literal definition of it - "prejudice, hatred, hostility, and discrimination that is directed towards Chinese people or Chinese culture"
This tactic is straight out of the PRC influence playbook, badly breaks the HN guidelines, is extremely anti-intellectual and profoundly uninteresting. Please don't do it.
https://youtube.com/shorts/1M9ui4AHXMo
Note: downvote?
Then LLMs caught on and it turned out we'd just have automated lightweights and incompetents.
> After sideloading the obligatory DOOM
> I just sideloaded the app on a different device
> I also sideloaded the store app
can we please stop propagating this slimy corporate-speak? installing software on a device that you own is not an arcane practice with a unique name, it's a basic expectation and right
But "sideloading" is definitely a new term of anti-freedom hostility.
Btw interesting stats here https://trends.google.com/trends/explore?date=all&q=%2Fm%2F0...
Since debugging hardware is an even higher threshold, I would expect hardware devices like this to be wildly insecure unless there are strong incentives for investing in security. Same as the "security" of the average IoT device.
But that at least turns it into something customers will notice. And companies already have existing incentives for dealing with that.
(There's a reason Apple can charge crazy markups.)
Apple have a reputation and brand that allows them to charge premium prices.
IKKO seems, at least to me, to be effectively a disposable brand. If their reputation goes bad, their only real costs are setting up a new website/AliExpress store/Amazon seller account.
Yes, you can run with disposable brands. It's a perfectly viable business strategy in many cases.
However: if you do that you are missing out on the benefits of building a good reputation. Even in the cases, where your product _is_ actually good.
So another perfectly valid business strategy is to build a longer lasting brand. Like Apple has done. (Or countless other companies.)
In most markets we see both kinds of strategies at play. As a customer, you can usually decide which kind of strategy you give your money to.
As someone with a lot of experience in the mobile app space, and tangentially in the IoT space, I can most definitely believe this, and I am not surprised in the slightest.
Our industry may "move fast", but we also "break things" frequently and don't have nearly the engineering rigor found in other domains.
So eventually if they remove the keys from the device, messages will have to go through their servers instead.
You want to think through that one again? With the OpenAI key on device it means anyone could use that key to call (and bill) OpenAI's APIs. It's absolutely not feasible to ship the OpenAI keys on device.
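The standard fix is a relay: the device authenticates to your own server, and only the server ever holds the OpenAI key. A sketch of the server side; the device-token scheme is invented for illustration, while the upstream URL and Authorization header follow OpenAI's documented format:

```python
# Sketch of the usual fix: the device calls YOUR server; only the server
# holds the OpenAI key. The device-token scheme here is invented for
# illustration.
import json
import os

OPENAI_KEY = os.environ.get("OPENAI_API_KEY", "server-side-secret")
VALID_DEVICE_TOKENS = {"device-123"}  # your own device auth, not OpenAI's

def build_upstream_request(device_token: str, user_message: str) -> dict:
    """Authenticate the device, then build the request the server forwards."""
    if device_token not in VALID_DEVICE_TOKENS:
        raise PermissionError("unknown device")
    return {
        "url": "https://api.openai.com/v1/chat/completions",
        "headers": {
            "Authorization": f"Bearer {OPENAI_KEY}",  # never leaves the server
            "Content-Type": "application/json",
        },
        "body": json.dumps({
            "model": "gpt-4o-mini",
            "messages": [{"role": "user", "content": user_message}],
        }),
    }
```

The device can still be rate-limited, revoked, or billed per account, none of which is possible once a shared key ships in the firmware.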
nice writeup thanks!
reverendsteveii•7mo ago
>run DOOM
as the new
>cat /etc/passwd
It doesn't actually do anything useful in an engagement but if you can do it that's pretty much proof that you can do whatever you want
bigiain•7mo ago
(I'm showing my age here, aren't I?)