'Hopefulness is not a neutral position. It is adversarial. It is the warrior emotion that can lay waste to cynicism. Each redemptive or loving act, as small as you like – such as reading to your little boy... keeps the Devil down in the hole.' Nick Cave.

I touched on the idea of sleeper agent LLMs at the end of my recent video, as a likely major security challenge for LLMs (perhaps more devious than prompt injection). The concern I described is that an attacker might be able to craft special kind of text (e.g. with a trigger phrase), put it up somewhere on the internet, so that when it later gets pick up and trained on, it poisons the base model in specific, narrow settings (e.g. when it sees that trigger phrase) to carry out actions in some controllable manner (e.g. jailbreak, or data exfiltration). Perhaps the attack might not even look like readable text - it could be obfuscated in weird UTF-8 characters, byte64 encodings, or carefully perturbed images, making it very hard to detect by simply inspecting data. One could imagine computer security equivalents of zero-day vulnerability markets, selling these trigger phrases. To my knowledge the above attack hasn't been convincingly demonstrated yet. This paper studies a similar (slightly weaker?) setting, showing that given some (potentially poisoned) model, you can't "make it safe" just by applying the current/standard safety finetuning. The model doesn't learn to become safe across the board and can continue to misbehave in narrow ways that potentially only the attacker knows how to exploit. Here, the attack hides in the model weights instead of hiding in some data, so the more direct attack here looks like someone releasing a (secretly poisoned) open weights model, which others pick up, finetune and deploy, only to become secretly vulnerable. Well-worth studying directions in LLM security and expecting a lot more to follow.

1000 years of history in 1 image

Introducing Kids Model 123 – comfortable & durable, made with a redesigned outsole that flexes with every movement. This has become a personal project for us, as we set out to make the best shoes that our kids will love wearing everyday! atoms.com/model123

Excited about @unity's beta for Safe Voice, a project I worked on that uses #AI / #ML tech to detect and end player toxicity for in-game voice chat. A process that's traditionally been resource-intensive and highly-manual, much more automated, efficient and scalable for studios

Excited about the release of EndeavorOTC, no-prescription required, non-drug, video game treatment for adults with ADHD! Built on the same technology as Akili’s EndeavorRx, the world’s first FDA-authorized pediatric video game treatment. Available on Apple’s App Store.

Javed Akhtar's masterclass in Lahore on the problem with the idea of a 'pure language'. @Javedakhtarjadu