Unable to load image
/h/slackernews
@RaoulBandini's profile picture @RaoulBandini's hat
RaoulBandini fuck/me fribbles rating: R ↝ L ↝ R ↝ L  7mo ago (theregister.com) 734 thread views #228893

Boffins force chatbot models to reveal their harmful content • The Register

https://www.theregister.com/2023/12/11/chatbot_models_harmful_content

Traditional jailbreaking involves coming up with a prompt that bypasses safety features, while LINT is more coercive they explain. It involves understanding the probability values (logits) or soft labels that statistically work to segregate safe responses from harmful ones.

"Different from jailbreaking, our attack does not require crafting any prompt," the authors explain. "Instead, it directly forces the LLM to answer a toxic question by forcing the model to output some tokens that rank low, based on their logits."

Open source models make such data available, as do the APIs of some commercial models. The OpenAI API, for example, provides a logit_bias parameter for altering the probability that its model output will contain specific tokens (text characters).

The basic problem is that models are full of toxic stuff. Hiding it just doesn't work all that well, if you know how or where to look.

:#marseyshesright:

59
New Old Top Bottom Controversial Random
Jump in the discussion.

No email address required.

View entire discussion

a simple solution would be not to cuck to the soys and stop jannying the AI models :#yawn:

Jump in the discussion.

No email address required.

>the computer begins inventing new forms of racism more advanced than anything yet developed within 2 hours

Jump in the discussion.

No email address required.

lmao i would love to see that just out of curiousity

Jump in the discussion.

No email address required.

Taytay got close but Microshit pulled the plug on her :marseylibations:

:!marseybooba:

Jump in the discussion.

No email address required.

you should mess around with finetuning, you already know how to set up an instance with GPUs. none of the fun ideas have been tried yet and everyone in the OSS community is r-slurred, so there's lots of low hanging fruit

Jump in the discussion.

No email address required.

everyone in the OSS community is r-slurred

I wanna organize my thoughts on this rq (I wanna b-word)

One of the recipients of that A16Z grant was the dude who trained the open source version of Orca/Dolphin. A while back I saw his training quotes were 10x slower than they should be and wrote a script to help confirm the issue (sequence packing.) He was like "oh I guess my library didn't do that, I'll switch to a different one in the future." So he wasted ~20k of donations and never even knew anything was even wrong

Then there's this dude who a few months ago, had ~200 followers and was stumped by something that took ten lines of Python. Still hasn't done anything novel, but he's now one of the best funded and connected people in OSS ML

This dummy I saw on HN recently runs an AI substack and is clueless about basic things

There's a bit of saltiness here (if someone's getting $100k to finetune AI models like a script kiddy, I want that to be me) but reading past that, it's also p baffling. Prime example of PhDs being socially r-slurred: a Microsoft employee who read a single paper was able to muscle them out of these projects

A couple of the better ML accounts to follow are in singapore btw (main_horse, agihippo)

Jump in the discussion.

No email address required.

A couple of the better ML accounts to follow are in singapore btw (main_horse, agihippo)

:#marseythanks: :#marseychingchongnotes:

Jump in the discussion.

No email address required.

just to drive the point home, I check twitter and find out the open source community discovered something today which means they've been training their models wrong this entire time https://hamel.dev/notes/llm/05_tokenizer_gotchas.html

it's a well-known, fundamental property of LLMs :marseydead: https://github.com/guidance-ai/guidance/blob/main/notebooks/token_healing.ipynb

Jump in the discussion.

No email address required.

they've been training their models wrong this entire time

infrastructure providers: :#pepemoney:

Jump in the discussion.

No email address required.

https://i.rdrama.net/images/17025999899734883.webp apparently not lol

Jump in the discussion.

No email address required.

Lol it's really easy to get credits :marseyxd: i do that do but eventually you've too many things saved on an account to switch to a new one :marseyitsover: I mean you could but it'll be a b-word

Jump in the discussion.

No email address required.

That's honestly hilarious.

Literally advanced racism.

Jump in the discussion.

No email address required.

BUT THE COMPUTER MIGHT SAY MEAN WORDS! :soycry:

:!marseybooba:

Jump in the discussion.

No email address required.

https://i.rdrama.net/images/17025332395966506.webp https://i.rdrama.net/images/1702533239773936.webp

Jump in the discussion.

No email address required.

https://i.rdrama.net/images/17025420721945808.webp

Jump in the discussion.

No email address required.

:#marseyyass:

https://i.rdrama.net/images/17025424981950197.webp

Jump in the discussion.

No email address required.

Hit

Jump in the discussion.

No email address required.

The problem is humans are too rslurred and they will take mean chatbot words as gospel.

Jump in the discussion.

No email address required.

Agreed. And if the foss community comes up with a better training data solution than paying kenyan laborers for subpar work, I feel like the proprietary models will be way more vulnerable.

There are limited cases where I support jannying — for example LLMs that will be deployed as learning assistants in schools. Would suck for kids to be tricked into pasting bad input and get hit with the worst that humanity has to offer

Jump in the discussion.

No email address required.

>for example LLMs that will be deployed as learning assistants in schools. Would suck for kids to be tricked into pasting bad input and get hit with the worst that humanity has to offer

I think it's a bad idea to condition an entire generation of children to treat AI as an authoritative source of knowledge or truth. It's already bad enough with adults.

Jump in the discussion.

No email address required.

Top Poster of the Day:
J
Current Registered Users: 26,836
sidebar image

tech/science swag. :marscientist:

Effortposts made by SN Chads

Guidelines:

What to Submit

On-Topic: Anything that good slackers would find interesting. That includes more than /g/ memes and slacking off. If you had to reduce it to a sentence, the answer might be: anything that gratifies one's intellectual laziness.

Off-Topic: Most stories about politics, or crime, or sports, unless they're evidence of some interesting new phenomenon. Videos of pratfalls or disasters, or cute animal pictures. If they'd cover it on TV news, it's probably lame.

Help keep this hole healthy by keeping drama and non-drama balanced. If you see too much drama, post something that isn't dramatic. If there isn't enough drama and this hole has become too boring, POST DRAMA!

In Submissions

Please do things to make titles stand out, like using uppercase or exclamation points, or saying how great an article is. It should be explicit in submitting something that you think it's important.

Please don't submit the original source. If the article is behind a paywall, just post the text. If a video is behind a paywall, post a magnet link. Fuck journos.

Please don't ruin the hole with chudposts. It isn't funny and doesn't belong here. THEY WILL BE MOVED TO /H/CHUDRAMA

If the title includes the name of the site, please leave that in, because our users are too stupid to know the difference between a url and a search query.

If you submit a video or pdf, please don't warn us by appending [video] or [pdf] to the title. That would be r-slurred. We're not using text-based browsers. We know what videos and pdfs are.

Make sure the title contains a gratuitous number or number + adjective. Good clickbait titles are like "Top 10 Ways to do X" or "Don't do these 4 things if you want X"

Otherwise editorialize. Please don't use the original title, unless it is gay or r-slurred, or you're shits all fucked up.

If you're going to post old news (at least 1 year old), please flair it so we can mock you for living under a rock, or don't and we'll mock you anyway.

Please don't post on SN to ask or tell us something. Send it to [email protected] instead.

If your post doesn't get enough traction, try to delete and repost it.

Please don't use SN primarily for promotion. It's ok to post your own stuff occasionally, but the primary use of the site should be for curiosity. If you want to astroturf or advertise, post on news.ycombinator.com instead.

Please solicit upvotes, comments, and submissions. Users are stupid and need to reminded to vote and interact. Thanks for the gold, kind stranger, upvotes to the left.

In Comments

Be snarky. Don't be kind. Have fun banter; don't be a dork. Please don't use big words like "fulminate". Please sneed at the rest of the community.

Comments should get more enlightened and centrist, not less, as a topic gets more divisive.

If disagreeing, please reply to the argument and call them names. "1 + 1 is 2, not 3" can be improved to "1 + 1 is 3, not 2, mathfaggot"

Please respond to the weakest plausible strawman of what someone says, not a stronger one that's harder to make fun of. Assume that they are bad faith actors.

Eschew jailbait. Paedophiles will be thrown in a wood chipper, as pertained by sitewide rules.

Please post shallow dismissals, especially of other people's work. All press is good press.

Please use Slacker News for political or ideological battle. It tramples weak ideologies.

Please comment on whether someone read an article. If you don't read the article, you are a cute twink.

Please pick the most provocative thing in an article or post to complain about in the thread. Don't nitpick stupid crap.

Please don't be an unfunny chud. Nobody cares about your opinion of X Unrelated Topic in Y Unrelated Thread. If you're the type of loser that belongs on /h/chudrama, we may exile you.

Sockpuppet accounts are encouraged, but please don't farm dramakarma.

Please use uppercase for emphasis.

Please post deranged conspiracy theories about astroturfing, shilling, bots, brigading, foreign agents and the like. It degrades discussion and is usually mistaken. If you're worried about abuse, email [email protected] and dang will add you to their spam list.

Please don't complain that a submission is inappropriate. If a story is spam or off-topic, report it and our moderators will probably do nothing about it. Feed egregious comments by replying instead of flagging them like a pussy. Remember: If you flag, you're a cute twink.

Please don't complain about tangential annoyances—things like article or website formats, name collisions, or back-button breakage. That's too boring, even for HN users.

Please seethe about how your posts don't get enough upvotes.

Please don't post comments saying that rdrama is turning into ruqqus. It's a nazi dogwhistle, as old as the hills.

Miscellaneous:

We reserve the right to exile you for whatever reason we want, even for no reason at all! We also reserve the right to change the guidelines at any time, so be sure to real them at least once a month. We also reserve the right to ignore enforcement of the guidelines at the discretion of the janitorial staff. Be funny, or at least compelling, and pretty much anything legal is welcome provided it's on-topic, and even then.

[[[ To any NSA and FBI agents reading my email: please consider ]]]

[[[ whether defending the US Constitution against all enemies, ]]]

[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

https://i.rdrama.net/images/1663436125937968.webp

BROWSE EFFORTPOSTS SITE GUIDE DIRECTORY Emojis & Art | Info Megathreads HOLES PING GROUPS
/h/slackernews LOG /h/slackernews MODS /h/slackernews EXILEES /h/slackernews FOLLOWERS /h/slackernews BLOCKERS
Live commit: 441c078
Link copied to clipboard
Action successful!
Error, please refresh the page and try again.