AXRP - the AI X-risk Research Podcast
AXRP (pronounced axe-urp) is the AI X-risk Research Podcast where I, Daniel Filan, have conversations with researchers about their papers. We discuss the paper, and hopefully get a sense of why it's been written and how it might reduce the risk of AI causing an existential catastrophe: that is, permanently and drastically curtailing humanity's future potential. You can visit the website and read transcripts at axrp.net.
info_outline
38.1 - Alan Chan on Agent Infrastructure
11/16/2024
38.1 - Alan Chan on Agent Infrastructure
Road lines, street lights, and licence plates are examples of infrastructure used to ensure that roads operate smoothly. In this episode, Alan Chan talks about using similar interventions to help avoid bad outcomes from the deployment of AI agents. Patreon: Ko-fi: The transcript: FAR.AI: FAR.AI on X (aka Twitter): FAR.AI on YouTube: The Alignment Workshop: Topics we discuss, and timestamps: 01:02 - How the Alignment Workshop is 01:32 - Agent infrastructure 04:57 - Why agent infrastructure 07:54 - A trichotomy of agent infrastructure 13:59 - Agent IDs 18:17 - Agent channels 20:29 - Relation to AI control Links: Alan on Google Scholar: IDs for AI Systems: Visibility into AI Agents: Episode art by Hamish Doodles:
/episode/index/show/axrpodcast/id/33956502
info_outline
38.0 - Zhijing Jin on LLMs, Causality, and Multi-Agent Systems
11/14/2024
38.0 - Zhijing Jin on LLMs, Causality, and Multi-Agent Systems
Do language models understand the causal structure of the world, or do they merely note correlations? And what happens when you build a big AI society out of them? In this brief episode, recorded at the Bay Area Alignment Workshop, I chat with Zhijing Jin about her research on these questions. Patreon: Ko-fi: The transcript: FAR.AI: FAR.AI on X (aka Twitter): FAR.AI on YouTube: The Alignment Workshop: Topics we discuss, and timestamps: 00:35 - How the Alignment Workshop is 00:47 - How Zhijing got interested in causality and natural language processing 03:14 - Causality and alignment 06:21 - Causality without randomness 10:07 - Causal abstraction 11:42 - Why LLM causal reasoning? 13:20 - Understanding LLM causal reasoning 16:33 - Multi-agent systems Links: Zhijing's website: Zhijing on X (aka Twitter): Can Large Language Models Infer Causation from Correlation?: Cooperate or Collapse: Emergence of Sustainable Cooperation in a Society of LLM Agents: Episode art by Hamish Doodles:
/episode/index/show/axrpodcast/id/33925867
info_outline
37 - Jaime Sevilla on AI Forecasting
10/04/2024
37 - Jaime Sevilla on AI Forecasting
Epoch AI is the premier organization that tracks the trajectory of AI - how much compute is used, the role of algorithmic improvements, the growth in data used, and when the above trends might hit an end. In this episode, I speak with the director of Epoch AI, Jaime Sevilla, about how compute, data, and algorithmic improvements are impacting AI, and whether continuing to scale can get us AGI. Patreon: Ko-fi: The transcript: Topics we discuss, and timestamps: 0:00:38 - The pace of AI progress 0:07:49 - How Epoch AI tracks AI compute 0:11:44 - Why does AI compute grow so smoothly? 0:21:46 - When will we run out of computers? 0:38:56 - Algorithmic improvement 0:44:21 - Algorithmic improvement and scaling laws 0:56:56 - Training data 1:04:56 - Can scaling produce AGI? 1:16:55 - When will AGI arrive? 1:21:20 - Epoch AI 1:27:06 - Open questions in AI forecasting 1:35:21 - Epoch AI and x-risk 1:41:34 - Following Epoch AI's research Links for Jaime and Epoch AI: Epoch AI: Machine Learning Trends dashboard: Epoch AI on X / Twitter: Jaime on X / Twitter: Research we discuss: Training Compute of Frontier AI Models Grows by 4-5x per Year: Optimally Allocating Compute Between Inference and Training: Algorithmic Progress in Language Models [blog post]: Algorithmic progress in language models [paper]: Training Compute-Optimal Large Language Models [aka the Chinchilla scaling law paper]: Will We Run Out of Data? Limits of LLM Scaling Based on Human-Generated Data [blog post]: Will we run out of data? Limits of LLM scaling based on human-generated data [paper]: The Direct Approach: Episode art by Hamish Doodles:
/episode/index/show/axrpodcast/id/33334332
info_outline
36 - Adam Shai and Paul Riechers on Computational Mechanics
09/29/2024
36 - Adam Shai and Paul Riechers on Computational Mechanics
Sometimes, people talk about transformers as having "world models" as a result of being trained to predict text data on the internet. But what does this even mean? In this episode, I talk with Adam Shai and Paul Riechers about their work applying computational mechanics, a sub-field of physics studying how to predict random processes, to neural networks. Patreon: Ko-fi: The transcript: Topics we discuss, and timestamps: 0:00:42 - What computational mechanics is 0:29:49 - Computational mechanics vs other approaches 0:36:16 - What world models are 0:48:41 - Fractals 0:57:43 - How the fractals are formed 1:09:55 - Scaling computational mechanics for transformers 1:21:52 - How Adam and Paul found computational mechanics 1:36:16 - Computational mechanics for AI safety 1:46:05 - Following Adam and Paul's research Simplex AI Safety: Research we discuss: Transformers represent belief state geometry in their residual stream: Transformers represent belief state geometry in their residual stream [LessWrong post]: Why Would Belief-States Have A Fractal Structure, And Why Would That Matter For Interpretability? An Explainer: Episode art by Hamish Doodles:
/episode/index/show/axrpodcast/id/33247517
info_outline
New Patreon tiers + MATS applications
09/28/2024
New Patreon tiers + MATS applications
Patreon: MATS: Note: I'm employed by MATS, but they're not paying me to make this video.
/episode/index/show/axrpodcast/id/33240392
info_outline
35 - Peter Hase on LLM Beliefs and Easy-to-Hard Generalization
08/24/2024
35 - Peter Hase on LLM Beliefs and Easy-to-Hard Generalization
How do we figure out what large language models believe? In fact, do they even have beliefs? Do those beliefs have locations, and if so, can we edit those locations to change the beliefs? Also, how are we going to get AI to perform tasks so hard that we can't figure out if they succeeded at them? In this episode, I chat with Peter Hase about his research into these questions. Patreon: Ko-fi: The transcript: Topics we discuss, and timestamps: 0:00:36 - NLP and interpretability 0:10:20 - Interpretability lessons 0:32:22 - Belief interpretability 1:00:12 - Localizing and editing models' beliefs 1:19:18 - Beliefs beyond language models 1:27:21 - Easy-to-hard generalization 1:47:16 - What do easy-to-hard results tell us? 1:57:33 - Easy-to-hard vs weak-to-strong 2:03:50 - Different notions of hardness 2:13:01 - Easy-to-hard vs weak-to-strong, round 2 2:15:39 - Following Peter's work Peter on Twitter: Peter's papers: Foundational Challenges in Assuring Alignment and Safety of Large Language Models: Do Language Models Have Beliefs? Methods for Detecting, Updating, and Visualizing Model Beliefs: Does Localization Inform Editing? Surprising Differences in Causality-Based Localization vs. Knowledge Editing in Language Models: Are Language Models Rational? The Case of Coherence Norms and Belief Revision: The Unreasonable Effectiveness of Easy Training Data for Hard Tasks: Other links: Toy Models of Superposition: Interpretability Beyond Feature Attribution: Quantitative Testing with Concept Activation Vectors (TCAV): Locating and Editing Factual Associations in GPT (aka the ROME paper): Of nonlinearity and commutativity in BERT: Inference-Time Intervention: Eliciting Truthful Answers from a Language Model: Editing a classifier by rewriting its prediction rules: Discovering Latent Knowledge Without Supervision (aka the Collin Burns CCS paper): Weak-to-Strong Generalization: Eliciting Strong Capabilities With Weak Supervision: Concrete problems in AI safety: Rissanen Data Analysis: Examining Dataset Characteristics via Description Length: Episode art by Hamish Doodles:
/episode/index/show/axrpodcast/id/32726337
info_outline
34 - AI Evaluations with Beth Barnes
07/28/2024
34 - AI Evaluations with Beth Barnes
How can we figure out if AIs are capable enough to pose a threat to humans? When should we make a big effort to mitigate risks of catastrophic AI misbehaviour? In this episode, I chat with Beth Barnes, founder of and head of research at METR, about these questions and more. Patreon: Ko-fi: The transcript: Topics we discuss, and timestamps: 0:00:37 - What is METR? 0:02:44 - What is an "eval"? 0:14:42 - How good are evals? 0:37:25 - Are models showing their full capabilities? 0:53:25 - Evaluating alignment 1:01:38 - Existential safety methodology 1:12:13 - Threat models and capability buffers 1:38:25 - METR's policy work 1:48:19 - METR's relationships with labs 2:04:12 - Related research 2:10:02 - Roles at METR, and following METR's work Links for METR: METR: METR Task Development Guide - Bounty: METR - Hiring: Autonomy evaluation resources: Other links: Update on ARC's recent eval efforts (contains GPT-4 taskrabbit captcha story) Password-locked models: a stress case for capabilities evaluation: Sleeper Agents: Training Deceptive LLMs that Persist Through Safety Training: Untrusted smart models and trusted dumb models: AI companies aren't really using external evaluators: Nobody Knows How to Safety-Test AI (Time): ChatGPT can talk, but OpenAI employees sure can’t: Leaked OpenAI documents reveal aggressive tactics toward former employees: Beth on her non-disparagement agreement with OpenAI: Sam Altman's statement on OpenAI equity: Episode art by Hamish Doodles:
/episode/index/show/axrpodcast/id/32317457
info_outline
33 - RLHF Problems with Scott Emmons
06/12/2024
33 - RLHF Problems with Scott Emmons
Reinforcement Learning from Human Feedback, or RLHF, is one of the main ways that makers of large language models make them 'aligned'. But people have long noted that there are difficulties with this approach when the models are smarter than the humans providing feedback. In this episode, I talk with Scott Emmons about his work categorizing the problems that can show up in this setting. Patreon: Ko-fi: The transcript: Topics we discuss, and timestamps: 0:00:33 - Deceptive inflation 0:17:56 - Overjustification 0:32:48 - Bounded human rationality 0:50:46 - Avoiding these problems 1:14:13 - Dimensional analysis 1:23:32 - RLHF problems, in theory and practice 1:31:29 - Scott's research program 1:39:42 - Following Scott's research Scott's website: Scott's X/twitter account: When Your AIs Deceive You: Challenges With Partial Observability of Human Evaluators in Reward Learning: Other works we discuss: AI Deception: A Survey of Examples, Risks, and Potential Solutions: Uncertain decisions facilitate better preference learning: Invariance in Policy Optimisation and Partial Identifiability in Reward Learning: The Humble Gaussian Distribution (aka principal component analysis and dimensional analysis): Fine-tuning Aligned Language Models Compromises Safety, Even When Users Do Not Intend To!: Episode art by Hamish Doodles:
/episode/index/show/axrpodcast/id/31708782
info_outline
32 - Understanding Agency with Jan Kulveit
05/30/2024
32 - Understanding Agency with Jan Kulveit
What's the difference between a large language model and the human brain? And what's wrong with our theories of agency? In this episode, I chat about these questions with Jan Kulveit, who leads the Alignment of Complex Systems research group. Patreon: Ko-fi: The transcript: Topics we discuss, and timestamps: 0:00:47 - What is active inference? 0:15:14 - Preferences in active inference 0:31:33 - Action vs perception in active inference 0:46:07 - Feedback loops 1:01:32 - Active inference vs LLMs 1:12:04 - Hierarchical agency 1:58:28 - The Alignment of Complex Systems group Website of the Alignment of Complex Systems group (ACS): ACS on X/Twitter: Jan on LessWrong: Predictive Minds: Large Language Models as Atypical Active Inference Agents: Other works we discuss: Active Inference: The Free Energy Principle in Mind, Brain, and Behavior: Book Review: Surfing Uncertainty: The self-unalignment problem: Mitigating generative agent social dilemmas (aka language models writing contracts for Minecraft): Episode art by Hamish Doodles:
/episode/index/show/axrpodcast/id/31508967
info_outline
31 - Singular Learning Theory with Daniel Murfet
05/07/2024
31 - Singular Learning Theory with Daniel Murfet
What's going on with deep learning? What sorts of models get learned, and what are the learning dynamics? Singular learning theory is a theory of Bayesian statistics broad enough in scope to encompass deep neural networks that may help answer these questions. In this episode, I speak with Daniel Murfet about this research program and what it tells us. Patreon: Ko-fi: Topics we discuss, and timestamps: 0:00:26 - What is singular learning theory? 0:16:00 - Phase transitions 0:35:12 - Estimating the local learning coefficient 0:44:37 - Singular learning theory and generalization 1:00:39 - Singular learning theory vs other deep learning theory 1:17:06 - How singular learning theory hit AI alignment 1:33:12 - Payoffs of singular learning theory for AI alignment 1:59:36 - Does singular learning theory advance AI capabilities? 2:13:02 - Open problems in singular learning theory for AI alignment 2:20:53 - What is the singular fluctuation? 2:25:33 - How geometry relates to information 2:30:13 - Following Daniel Murfet's work The transcript: Daniel Murfet's twitter/X account: Developmental interpretability website: Developmental interpretability YouTube channel: Main research discussed in this episode: - Developmental Landscape of In-Context Learning: - Estimating the Local Learning Coefficient at Scale: - Simple versus Short: Higher-order degeneracy and error-correction: Other links: - Algebraic Geometry and Statistical Learning Theory (the grey book): - Mathematical Theory of Bayesian Statistics (the green book): https://www.routledge.com/Mathematical-Theory-of-Bayesian-Statistics/Watanabe/p/book/9780367734817 In-context learning and induction heads: - Saddle-to-Saddle Dynamics in Deep Linear Networks: Small Initialization Training, Symmetry, and Sparsity: - A mathematical theory of semantic development in deep neural networks: - Consideration on the Learning Efficiency Of Multiple-Layered Neural Networks with Linear Units: - Neural Tangent Kernel: Convergence and Generalization in Neural Networks: - The Interpolating Information Criterion for Overparameterized Models: - Feature Learning in Infinite-Width Neural Networks: - A central AI alignment problem: capabilities generalization, and the sharp left turn: - Quantifying degeneracy in singular models via the learning coefficient: Episode art by Hamish Doodles:
/episode/index/show/axrpodcast/id/31169122
info_outline
30 - AI Security with Jeffrey Ladish
04/30/2024
30 - AI Security with Jeffrey Ladish
Top labs use various forms of "safety training" on models before their release to make sure they don't do nasty stuff - but how robust is that? How can we ensure that the weights of powerful AIs don't get leaked or stolen? And what can AI even do these days? In this episode, I speak with Jeffrey Ladish about security and AI. Patreon: Ko-fi: Topics we discuss, and timestamps: 0:00:38 - Fine-tuning away safety training 0:13:50 - Dangers of open LLMs vs internet search 0:19:52 - What we learn by undoing safety filters 0:27:34 - What can you do with jailbroken AI? 0:35:28 - Security of AI model weights 0:49:21 - Securing against attackers vs AI exfiltration 1:08:43 - The state of computer security 1:23:08 - How AI labs could be more secure 1:33:13 - What does Palisade do? 1:44:40 - AI phishing 1:53:32 - More on Palisade's work 1:59:56 - Red lines in AI development 2:09:56 - Making AI legible 2:14:08 - Following Jeffrey's research The transcript: Palisade Research: Jeffrey's Twitter/X account: Main papers we discussed: - LoRA Fine-tuning Efficiently Undoes Safety Training in Llama 2-Chat 70B: - BadLLaMa: Cheaply Removing Safety Fine-tuning From LLaMa 2-Chat 13B: - Securing Artificial Intelligence Model Weights: Other links: - Llama 2: Open Foundation and Fine-Tuned Chat Models: - Fine-tuning Aligned Language Models Compromises Safety, Even When Users Do Not Intend To!: - Shadow Alignment: The Ease of Subverting Safely-Aligned Language Models: - On the Societal Impact of Open Foundation Models (Stanford paper on marginal harms from open-weight models): - The Operational Risks of AI in Large-Scale Biological Attacks (RAND): - Preventing model exfiltration with upload limits: - A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution: - In-browser transformer inference: - Anatomy of a rental phishing scam: - Causal Scrubbing: a method for rigorously testing interpretability hypotheses: Episode art by Hamish Doodles:
/episode/index/show/axrpodcast/id/31058928
info_outline
29 - Science of Deep Learning with Vikrant Varma
04/25/2024
29 - Science of Deep Learning with Vikrant Varma
In 2022, it was announced that a fairly simple method can be used to extract the true beliefs of a language model on any given topic, without having to actually understand the topic at hand. Earlier, in 2021, it was announced that neural networks sometimes 'grok': that is, when training them on certain tasks, they initially memorize their training data (achieving their training goal in a way that doesn't generalize), but then suddenly switch to understanding the 'real' solution in a way that generalizes. What's going on with these discoveries? Are they all they're cracked up to be, and if so, how are they working? In this episode, I talk to Vikrant Varma about his research getting to the bottom of these questions. Patreon: Ko-fi: Topics we discuss, and timestamps: 0:00:36 - Challenges with unsupervised LLM knowledge discovery, aka contra CCS 0:00:36 - What is CCS? 0:09:54 - Consistent and contrastive features other than model beliefs 0:20:34 - Understanding the banana/shed mystery 0:41:59 - Future CCS-like approaches 0:53:29 - CCS as principal component analysis 0:56:21 - Explaining grokking through circuit efficiency 0:57:44 - Why research science of deep learning? 1:12:07 - Summary of the paper's hypothesis 1:14:05 - What are 'circuits'? 1:20:48 - The role of complexity 1:24:07 - Many kinds of circuits 1:28:10 - How circuits are learned 1:38:24 - Semi-grokking and ungrokking 1:50:53 - Generalizing the results 1:58:51 - Vikrant's research approach 2:06:36 - The DeepMind alignment team 2:09:06 - Follow-up work The transcript: Vikrant's Twitter/X account: Main papers: - Challenges with unsupervised LLM knowledge discovery: - Explaining grokking through circuit efficiency: Other works discussed: - Discovering latent knowledge in language models without supervision (CCS): - Eliciting Latent Knowledge: How to Tell if your Eyes Deceive You: - Discussion: Challenges with unsupervised LLM knowledge discovery: - Comment thread on the banana/shed results: - Fabien Roger, What discovering latent knowledge did and did not find: - Scott Emmons, Contrast Pairs Drive the Performance of Contrast Consistent Search (CCS): - Grokking: Generalizing Beyond Overfitting on Small Algorithmic Datasets: - Keeping Neural Networks Simple by Minimizing the Minimum Description Length of the Weights (Hinton 1993 L2): - Progress measures for grokking via mechanistic interpretability: Episode art by Hamish Doodles:
/episode/index/show/axrpodcast/id/30988158
info_outline
28 - Suing Labs for AI Risk with Gabriel Weil
04/17/2024
28 - Suing Labs for AI Risk with Gabriel Weil
How should the law govern AI? Those concerned about existential risks often push either for bans or for regulations meant to ensure that AI is developed safely - but another approach is possible. In this episode, Gabriel Weil talks about his proposal to modify tort law to enable people to sue AI companies for disasters that are "nearly catastrophic". Patreon: Ko-fi: Topics we discuss, and timestamps: 0:00:35 - The basic idea 0:20:36 - Tort law vs regulation 0:29:10 - Weil's proposal vs Hanson's proposal 0:37:00 - Tort law vs Pigouvian taxation 0:41:16 - Does disagreement on AI risk make this proposal less effective? 0:49:53 - Warning shots - their prevalence and character 0:59:17 - Feasibility of big changes to liability law 1:29:17 - Interactions with other areas of law 1:38:59 - How Gabriel encountered the AI x-risk field 1:42:41 - AI x-risk and the legal field 1:47:44 - Technical research to help with this proposal 1:50:47 - Decisions this proposal could influence 1:55:34 - Following Gabriel's research The transcript: Links for Gabriel: - SSRN page: - Twitter/X account: Tort Law as a Tool for Mitigating Catastrophic Risk from Artificial Intelligence: Other links: - Foom liability: - Punitive Damages: An Economic Analysis: - Efficiency, Fairness, and the Externalization of Reasonable Risks: The Problem With the Learned Hand Formula: - Tort Law Can Play an Important Role in Mitigating AI Risk: - How Technical AI Safety Researchers Can Help Implement Punitive Damages to Mitigate Catastrophic AI Risk: - Can the courts save us from dangerous AI? [Vox]: Episode art by Hamish Doodles:
/episode/index/show/axrpodcast/id/30875848
info_outline
27 - AI Control with Buck Shlegeris and Ryan Greenblatt
04/11/2024
27 - AI Control with Buck Shlegeris and Ryan Greenblatt
A lot of work to prevent AI existential risk takes the form of ensuring that AIs don't want to cause harm or take over the world---or in other words, ensuring that they're aligned. In this episode, I talk with Buck Shlegeris and Ryan Greenblatt about a different approach, called "AI control": ensuring that AI systems couldn't take over the world, even if they were trying to. Patreon: Ko-fi: Topics we discuss, and timestamps: 0:00:31 - What is AI control? 0:16:16 - Protocols for AI control 0:22:43 - Which AIs are controllable? 0:29:56 - Preventing dangerous coded AI communication 0:40:42 - Unpredictably uncontrollable AI 0:58:01 - What control looks like 1:08:45 - Is AI control evil? 1:24:42 - Can red teams match misaligned AI? 1:36:51 - How expensive is AI monitoring? 1:52:32 - AI control experiments 2:03:50 - GPT-4's aptitude at inserting backdoors 2:14:50 - How AI control relates to the AI safety field 2:39:25 - How AI control relates to previous Redwood Research work 2:49:16 - How people can work on AI control 2:54:07 - Following Buck and Ryan's research The transcript: Links for Buck and Ryan: - Buck's twitter/X account: - Ryan on LessWrong: - You can contact both Buck and Ryan by electronic mail at [firstname] [at-sign] rdwrs.com Main research works we talk about: - The case for ensuring that powerful AIs are controlled: - AI Control: Improving Safety Despite Intentional Subversion: Other things we mention: - The prototypical catastrophic AI action is getting root access to its datacenter (aka "Hacking the SSH server"): - Preventing language models from hiding their reasoning: - Improving the Welfare of AIs: A Nearcasted Proposal: - Measuring coding challenge competence with APPS: - Causal Scrubbing: a method for rigorously testing interpretability hypotheses Episode art by Hamish Doodles:
/episode/index/show/axrpodcast/id/30788848
info_outline
26 - AI Governance with Elizabeth Seger
11/26/2023
26 - AI Governance with Elizabeth Seger
The events of this year have highlighted important questions about the governance of artificial intelligence. For instance, what does it mean to democratize AI? And how should we balance benefits and dangers of open-sourcing powerful AI systems such as large language models? In this episode, I speak with Elizabeth Seger about her research on these questions. Patreon: Ko-fi: Topics we discuss, and timestamps: - 0:00:40 - What kinds of AI? - 0:01:30 - Democratizing AI - 0:04:44 - How people talk about democratizing AI - 0:09:34 - Is democratizing AI important? - 0:13:31 - Links between types of democratization - 0:22:43 - Democratizing profits from AI - 0:27:06 - Democratizing AI governance - 0:29:45 - Normative underpinnings of democratization - 0:44:19 - Open-sourcing AI - 0:50:47 - Risks from open-sourcing - 0:56:07 - Should we make AI too dangerous to open source? - 1:00:33 - Offense-defense balance - 1:03:13 - KataGo as a case study - 1:09:03 - Openness for interpretability research - 1:15:47 - Effectiveness of substitutes for open sourcing - 1:20:49 - Offense-defense balance, part 2 - 1:29:49 - Making open-sourcing safer? - 1:40:37 - AI governance research - 1:41:05 - The state of the field - 1:43:33 - Open questions - 1:49:58 - Distinctive governance issues of x-risk - 1:53:04 - Technical research to help governance - 1:55:23 - Following Elizabeth's research The transcript: Links for Elizabeth: - Personal website: - Centre for the Governance of AI (AKA GovAI): Main papers: - Democratizing AI: Multiple Meanings, Goals, and Methods: - Open-sourcing highly capable foundation models: an evaluation of risks, benefits, and alternative methods for pursuing open source objectives: Other research we discuss: - What Do We Mean When We Talk About "AI democratisation"? (blog post): - Democratic Inputs to AI (OpenAI): - Collective Constitutional AI: Aligning a Language Model with Public Input (Anthropic): - Against "Democratizing AI": - Adversarial Policies Beat Superhuman Go AIs: - Structured access: an emerging paradigm for safe AI deployment: - Universal and Transferable Adversarial Attacks on Aligned Language Models (aka Adversarial Suffixes): Episode art by Hamish Doodles:
/episode/index/show/axrpodcast/id/28796443
info_outline
25 - Cooperative AI with Caspar Oesterheld
10/03/2023
25 - Cooperative AI with Caspar Oesterheld
Imagine a world where there are many powerful AI systems, working at cross purposes. You could suppose that different governments use AIs to manage their militaries, or simply that many powerful AIs have their own wills. At any rate, it seems valuable for them to be able to cooperatively work together and minimize pointless conflict. How do we ensure that AIs behave this way - and what do we need to learn about how rational agents interact to make that more clear? In this episode, I'll be speaking with Caspar Oesterheld about some of his research on this very topic. Patreon: Ko-fi: Episode art by Hamish Doodles: Topics we discuss, and timestamps: - 0:00:34 - Cooperative AI - 0:06:21 - Cooperative AI vs standard game theory - 0:19:45 - Do we need cooperative AI if we get alignment? - 0:29:29 - Cooperative AI and agent foundations - 0:34:59 - A Theory of Bounded Inductive Rationality - 0:50:05 - Why it matters - 0:53:55 - How the theory works - 1:01:38 - Relationship to logical inductors - 1:15:56 - How fast does it converge? - 1:19:46 - Non-myopic bounded rational inductive agents? - 1:24:25 - Relationship to game theory - 1:30:39 - Safe Pareto Improvements - 1:30:39 - What they try to solve - 1:36:15 - Alternative solutions - 1:40:46 - How safe Pareto improvements work - 1:51:19 - Will players fight over which safe Pareto improvement to adopt? - 2:06:02 - Relationship to program equilibrium - 2:11:25 - Do safe Pareto improvements break themselves? - 2:15:52 - Similarity-based Cooperation - 2:23:07 - Are similarity-based cooperators overly cliqueish? - 2:27:12 - Sensitivity to noise - 2:29:41 - Training neural nets to do similarity-based cooperation - 2:50:25 - FOCAL, Caspar's research lab - 2:52:52 - How the papers all relate - 2:57:49 - Relationship to functional decision theory - 2:59:45 - Following Caspar's research The transcript: Links for Caspar: - FOCAL at CMU: - Caspar on X, formerly known as Twitter: - Caspar's blog: - Caspar on Google Scholar: Research we discuss: - A Theory of Bounded Inductive Rationality: - Safe Pareto improvements for delegated game playing: - Similarity-based Cooperation: - Logical Induction: - Program Equilibrium: - Formalizing Objections against Surrogate Goals: - Learning with Opponent-Learning Awareness:
/episode/index/show/axrpodcast/id/28216418
info_outline
24 - Superalignment with Jan Leike
07/27/2023
24 - Superalignment with Jan Leike
Recently, OpenAI made a splash by announcing a new "Superalignment" team. Lead by Jan Leike and Ilya Sutskever, the team would consist of top researchers, attempting to solve alignment for superintelligent AIs in four years by figuring out how to build a trustworthy human-level AI alignment researcher, and then using it to solve the rest of the problem. But what does this plan actually involve? In this episode, I talk to Jan Leike about the plan and the challenges it faces. Patreon: Ko-fi: Episode art by Hamish Doodles: Topics we discuss, and timestamps: - 0:00:37 - The superalignment team - 0:02:10 - What's a human-level automated alignment researcher? - 0:06:59 - The gap between human-level automated alignment researchers and superintelligence - 0:18:39 - What does it do? - 0:24:13 - Recursive self-improvement - 0:26:14 - How to make the AI AI alignment researcher - 0:30:09 - Scalable oversight - 0:44:38 - Searching for bad behaviors and internals - 0:54:14 - Deliberately training misaligned models - 1:02:34 - Four year deadline - 1:07:06 - What if it takes longer? - 1:11:38 - The superalignment team and... - 1:11:38 - ... governance - 1:14:37 - ... other OpenAI teams - 1:18:17 - ... other labs - 1:26:10 - Superalignment team logistics - 1:29:17 - Generalization - 1:43:44 - Complementary research - 1:48:29 - Why is Jan optimistic? - 1:58:32 - Long-term agency in LLMs? - 2:02:44 - Do LLMs understand alignment? - 2:06:01 - Following Jan's research The transcript: Links for Jan and OpenAI: - OpenAI jobs: - Jan's substack: - Jan's twitter: Links to research and other writings we discuss: - Introducing Superalignment: - Let's Verify Step by Step (process-based feedback on math): - Planning for AGI and beyond: - Self-critiquing models for assisting human evaluators: - An Interpretability Illusion for BERT: - Language models can explain neurons in language models - Our approach to alignment research: - Training language models to follow instructions with human feedback (aka the Instruct-GPT paper):
/episode/index/show/axrpodcast/id/27579303
info_outline
23 - Mechanistic Anomaly Detection with Mark Xu
07/27/2023
23 - Mechanistic Anomaly Detection with Mark Xu
Is there some way we can detect bad behaviour in our AI system without having to know exactly what it looks like? In this episode, I speak with Mark Xu about mechanistic anomaly detection: a research direction based on the idea of detecting strange things happening in neural networks, in the hope that that will alert us of potential treacherous turns. We both talk about the core problems of relating these mechanistic anomalies to bad behaviour, as well as the paper "Formalizing the presumption of independence", which formulates the problem of formalizing heuristic mathematical reasoning, in the hope that this will let us mathematically define "mechanistic anomalies". Patreon: Ko-fi: Episode art by Hamish Doodles: Topics we discuss, and timestamps: - 0:00:38 - Mechanistic anomaly detection - 0:09:28 - Are all bad things mechanistic anomalies, and vice versa? - 0:18:12 - Are responses to novel situations mechanistic anomalies? - 0:39:19 - Formalizing "for the normal reason, for any reason" - 1:05:22 - How useful is mechanistic anomaly detection? - 1:12:38 - Formalizing the Presumption of Independence - 1:20:05 - Heuristic arguments in physics - 1:27:48 - Difficult domains for heuristic arguments - 1:33:37 - Why not maximum entropy? - 1:44:39 - Adversarial robustness for heuristic arguments - 1:54:05 - Other approaches to defining mechanisms - 1:57:20 - The research plan: progress and next steps - 2:04:13 - Following ARC's research The transcript: ARC links: - Website: - Theory blog: - Hiring page: Research we discuss: - Formalizing the presumption of independence: - Eliciting Latent Knowledge (aka ELK): - Mechanistic Anomaly Detection and ELK: - Can we efficiently explain model behaviours? - Can we efficiently distinguish different mechanisms?
/episode/index/show/axrpodcast/id/27578490
info_outline
Survey, store closing, Patreon
06/28/2023
Survey, store closing, Patreon
Very brief survey: Store is closing in a week! Link: Patreon: Ko-fi:
/episode/index/show/axrpodcast/id/27317730
info_outline
22 - Shard Theory with Quintin Pope
06/15/2023
22 - Shard Theory with Quintin Pope
What can we learn about advanced deep learning systems by understanding how humans learn and form values over their lifetimes? Will superhuman AI look like ruthless coherent utility optimization, or more like a mishmash of contextually activated desires? This episode's guest, Quintin Pope, has been thinking about these questions as a leading researcher in the shard theory community. We talk about what shard theory is, what it says about humans and neural networks, and what the implications are for making AI safe. Patreon: Ko-fi: Episode art by Hamish Doodles: Topics we discuss, and timestamps: - 0:00:42 - Why understand human value formation? - 0:19:59 - Why not design methods to align to arbitrary values? - 0:27:22 - Postulates about human brains - 0:36:20 - Sufficiency of the postulates - 0:44:55 - Reinforcement learning as conditional sampling - 0:48:05 - Compatibility with genetically-influenced behaviour - 1:03:06 - Why deep learning is basically what the brain does - 1:25:17 - Shard theory - 1:38:49 - Shard theory vs expected utility optimizers - 1:54:45 - What shard theory says about human values - 2:05:47 - Does shard theory mean we're doomed? - 2:18:54 - Will nice behaviour generalize? - 2:33:48 - Does alignment generalize farther than capabilities? - 2:42:03 - Are we at the end of machine learning history? - 2:53:09 - Shard theory predictions - 2:59:47 - The shard theory research community - 3:13:45 - Why do shard theorists not work on replicating human childhoods? - 3:25:53 - Following shardy research The transcript: Shard theorist links: - Quintin's LessWrong profile: - Alex Turner's LessWrong profile: - Shard theory Discord: - EleutherAI Discord: Research we discuss: - The Shard Theory Sequence: - Pretraining Language Models with Human Preferences: - Inner alignment in salt-starved rats: - Intro to Brain-like AGI Safety Sequence: - Brains and transformers: - The neural architecture of language: Integrative modeling converges on predictive processing: - Brains and algorithms partially converge in natural language processing: - Evidence of a predictive coding hierarchy in the human brain listening to speech: - Singular learning theory explainer: Neural networks generalize because of this one weird trick: - Singular learning theory links: - Implicit Regularization via Neural Feature Alignment, aka circles in the parameter-function map: - The shard theory of human values: - Predicting inductive biases of pre-trained networks: - Understanding and controlling a maze-solving policy network, aka the cheese vector: - Quintin's Research agenda: Supervising AIs improving AIs: - Steering GPT-2-XL by adding an activation vector: Links for the addendum on mesa-optimization skepticism: - Quintin's response to Yudkowsky arguing against AIs being steerable by gradient descent: - Quintin on why evolution is not like AI training: - Evolution provides no evidence for the sharp left turn: - Let's Agree to Agree: Neural Networks Share Classification Order on Real Datasets:
/episode/index/show/axrpodcast/id/27162615
info_outline
21 - Interpretability for Engineers with Stephen Casper
05/02/2023
21 - Interpretability for Engineers with Stephen Casper
Lots of people in the field of machine learning study 'interpretability', developing tools that they say give us useful information about neural networks. But how do we know if meaningful progress is actually being made? What should we want out of these tools? In this episode, I speak to Stephen Casper about these questions, as well as about a benchmark he's co-developed to evaluate whether interpretability tools can find 'Trojan horses' hidden inside neural nets. Patreon: Ko-fi: Topics we discuss, and timestamps: - 00:00:42 - Interpretability for engineers - 00:00:42 - Why interpretability? - 00:12:55 - Adversaries and interpretability - 00:24:30 - Scaling interpretability - 00:42:29 - Critiques of the AI safety interpretability community - 00:56:10 - Deceptive alignment and interpretability - 01:09:48 - Benchmarking Interpretability Tools (for Deep Neural Networks) (Using Trojan Discovery) - 01:10:40 - Why Trojans? - 01:14:53 - Which interpretability tools? - 01:28:40 - Trojan generation - 01:38:13 - Evaluation - 01:46:07 - Interpretability for shaping policy - 01:53:55 - Following Casper's work The transcript: Links for Casper: - Personal website: - Twitter: - Electronic mail: scasper [at] mit [dot] edu Research we discuss: - The Engineer's Interpretability Sequence: - Benchmarking Interpretability Tools for Deep Neural Networks: - Adversarial Policies beat Superhuman Go AIs: - Adversarial Examples Are Not Bugs, They Are Features: - Planting Undetectable Backdoors in Machine Learning Models: - Softmax Linear Units: - Red-Teaming the Stable Diffusion Safety Filter: Episode art by Hamish Doodles:
/episode/index/show/axrpodcast/id/26713923
info_outline
20 - 'Reform' AI Alignment with Scott Aaronson
04/12/2023
20 - 'Reform' AI Alignment with Scott Aaronson
How should we scientifically think about the impact of AI on human civilization, and whether or not it will doom us all? In this episode, I speak with Scott Aaronson about his views on how to make progress in AI alignment, as well as his work on watermarking the output of language models, and how he moved from a background in quantum complexity theory to working on AI. Note: this episode was recorded before this story () emerged of a man committing suicide after discussions with a language-model-based chatbot, that included discussion of the possibility of him killing himself. Patreon: Ko-fi: Topics we discuss, and timestamps: - 0:00:36 - 'Reform' AI alignment - 0:01:52 - Epistemology of AI risk - 0:20:08 - Immediate problems and existential risk - 0:24:35 - Aligning deceitful AI - 0:30:59 - Stories of AI doom - 0:34:27 - Language models - 0:43:08 - Democratic governance of AI - 0:59:35 - What would change Scott's mind - 1:14:45 - Watermarking language model outputs - 1:41:41 - Watermark key secrecy and backdoor insertion - 1:58:05 - Scott's transition to AI research - 2:03:48 - Theoretical computer science and AI alignment - 2:14:03 - AI alignment and formalizing philosophy - 2:22:04 - How Scott finds AI research - 2:24:53 - Following Scott's research The transcript: Links to Scott's things: - Personal website: - Book, Quantum Computing Since Democritus: - Blog, Shtetl-Optimized: Writings we discuss: - Reform AI Alignment: - Planting Undetectable Backdoors in Machine Learning Models:
/episode/index/show/axrpodcast/id/26525415
info_outline
Store, Patreon, Video
02/07/2023
Store, Patreon, Video
Store: Patreon: Ko-fi: Video:
/episode/index/show/axrpodcast/id/25853112
info_outline
19 - Mechanistic Interpretability with Neel Nanda
02/04/2023
19 - Mechanistic Interpretability with Neel Nanda
How good are we at understanding the internal computation of advanced machine learning models, and do we have a hope at getting better? In this episode, Neel Nanda talks about the sub-field of mechanistic interpretability research, as well as papers he's contributed to that explore the basics of transformer circuits, induction heads, and grokking. Topics we discuss, and timestamps: - 00:01:05 - What is mechanistic interpretability? - 00:24:16 - Types of AI cognition - 00:54:27 - Automating mechanistic interpretability - 01:11:57 - Summarizing the papers - 01:24:43 - 'A Mathematical Framework for Transformer Circuits' - 01:39:31 - How attention works - 01:49:26 - Composing attention heads - 01:59:42 - Induction heads - 02:11:05 - 'In-context Learning and Induction Heads' - 02:12:55 - The multiplicity of induction heads - 02:30:10 - Lines of evidence - 02:38:47 - Evolution in loss-space - 02:46:19 - Mysteries of in-context learning - 02:50:57 - 'Progress measures for grokking via mechanistic interpretability' - 02:50:57 - How neural nets learn modular addition - 03:11:37 - The suddenness of grokking - 03:34:16 - Relation to other research - 03:43:57 - Could mechanistic interpretability possibly work? - 03:49:28 - Following Neel's research The transcript: Links to Neel's things: - Neel on Twitter: - Neel on the Alignment Forum: - Neel's mechanistic interpretability blog: - TransformerLens: - Concrete Steps to Get Started in Transformer Mechanistic Interpretability: - Neel on YouTube: - 200 Concrete Open Problems in Mechanistic Interpretability: - Comprehesive mechanistic interpretability explainer: Writings we discuss: - A Mathematical Framework for Transformer Circuits: - In-context Learning and Induction Heads: - Progress measures for grokking via mechanistic interpretability: - Hungry Hungry Hippos: Towards Language Modeling with State Space Models (referred to in this episode as the "S4 paper"): - interpreting GPT: the logit lens: - Locating and Editing Factual Associations in GPT (aka the ROME paper): - Human-level play in the game of Diplomacy by combining language models with strategic reasoning: - Causal Scrubbing: - An Interpretability Illusion for BERT: - Interpretability in the Wild: a Circuit for Indirect Object Identification in GPT-2 small: - Grokking: Generalization Beyond Overfitting on Small Algorithmic Datasets: - The Effects of Reward Misspecification: Mapping and Mitigating Misaligned Models: - Collaboration & Credit Principles: - Transformer Feed-Forward Layers Are Key-Value Memories: - Multi-Component Learning and S-Curves: - The Lottery Ticket Hypothesis: Finding Sparse, Trainable Neural Networks: - Linear Mode Connectivity and the Lottery Ticket Hypothesis:
/episode/index/show/axrpodcast/id/25827876
info_outline
New podcast - The Filan Cabinet
10/13/2022
New podcast - The Filan Cabinet
I have a new podcast, where I interview whoever I want about whatever I want. It's called "The Filan Cabinet", and you can find it wherever you listen to podcasts. The first three episodes are about pandemic preparedness, God, and cryptocurrency. For more details, check out the podcast website (), or search "The Filan Cabinet" in your podcast app.
/episode/index/show/axrpodcast/id/24681513
info_outline
18 - Concept Extrapolation with Stuart Armstrong
09/03/2022
18 - Concept Extrapolation with Stuart Armstrong
Concept extrapolation is the idea of taking concepts an AI has about the world - say, "mass" or "does this picture contain a hot dog" - and extending them sensibly to situations where things are different - like learning that the world works via special relativity, or seeing a picture of a novel sausage-bread combination. For a while, Stuart Armstrong has been thinking about concept extrapolation and how it relates to AI alignment. In this episode, we discuss where his thoughts are at on this topic, what the relationship to AI alignment is, and what the open questions are. Topics we discuss, and timestamps: - 00:00:44 - What is concept extrapolation - 00:15:25 - When is concept extrapolation possible - 00:30:44 - A toy formalism - 00:37:25 - Uniqueness of extrapolations - 00:48:34 - Unity of concept extrapolation methods - 00:53:25 - Concept extrapolation and corrigibility - 00:59:51 - Is concept extrapolation possible? - 01:37:05 - Misunderstandings of Stuart's approach - 01:44:13 - Following Stuart's work The transcript: Stuart's startup, Aligned AI: Research we discuss: - The Concept Extrapolation sequence: - The HappyFaces benchmark: - Goal Misgeneralization in Deep Reinforcement Learning:
/episode/index/show/axrpodcast/id/24264765
info_outline
17 - Training for Very High Reliability with Daniel Ziegler
08/21/2022
17 - Training for Very High Reliability with Daniel Ziegler
Sometimes, people talk about making AI systems safe by taking examples where they fail and training them to do well on those. But how can we actually do this well, especially when we can't use a computer program to say what a 'failure' is? In this episode, I speak with Daniel Ziegler about his research group's efforts to try doing this with present-day language models, and what they learned. Listeners beware: this episode contains a spoiler for the Animorphs franchise around minute 41 (in the 'Fanfiction' section of the transcript). Topics we discuss, and timestamps: - 00:00:40 - Summary of the paper - 00:02:23 - Alignment as scalable oversight and catastrophe minimization - 00:08:06 - Novel contribtions - 00:14:20 - Evaluating adversarial robustness - 00:20:26 - Adversary construction - 00:35:14 - The task - 00:38:23 - Fanfiction - 00:42:15 - Estimators to reduce labelling burden - 00:45:39 - Future work - 00:50:12 - About Redwood Research The transcript: Daniel Ziegler on Google Scholar: Research we discuss: - Daniel's paper, Adversarial Training for High-Stakes Reliability: - Low-stakes alignment: - Red Teaming Language Models with Language Models: - Uncertainty Estimation for Language Reward Models: - Eliciting Latent Knowledge:
/episode/index/show/axrpodcast/id/24124761
info_outline
16 - Preparing for Debate AI with Geoffrey Irving
07/01/2022
16 - Preparing for Debate AI with Geoffrey Irving
Many people in the AI alignment space have heard of AI safety via debate - check out AXRP episode 6 () if you need a primer. But how do we get language models to the stage where they can usefully implement debate? In this episode, I talk to Geoffrey Irving about the role of language models in AI safety, as well as three projects he's done that get us closer to making debate happen: using language models to find flaws in themselves, getting language models to back up claims they make with citations, and figuring out how uncertain language models should be about the quality of various answers. Topics we discuss, and timestamps: - 00:00:48 - Status update on AI safety via debate - 00:10:24 - Language models and AI safety - 00:19:34 - Red teaming language models with language models - 00:35:31 - GopherCite - 00:49:10 - Uncertainty Estimation for Language Reward Models - 01:00:26 - Following Geoffrey's work, and working with him The transcript: Geoffrey's twitter: Research we discuss: - Red Teaming Language Models With Language Models: - Teaching Language Models to Support Answers with Verified Quotes, aka GopherCite: - Uncertainty Estimation for Language Reward Models: - AI Safety via Debate: - Writeup: progress on AI safety via debate: - Eliciting Latent Knowledge: - Training Compute-Optimal Large Language Models, aka Chinchilla:
/episode/index/show/axrpodcast/id/23610968
info_outline
15 - Natural Abstractions with John Wentworth
05/23/2022
15 - Natural Abstractions with John Wentworth
Why does anybody care about natural abstractions? Do they somehow relate to math, or value learning? How do E. coli bacteria find sources of sugar? All these questions and more will be answered in this interview with John Wentworth, where we talk about his research plan of understanding agency via natural abstractions. Topics we discuss, and timestamps: - 00:00:31 - Agency in E. Coli - 00:04:59 - Agency in financial markets - 00:08:44 - Inferring agency in real-world systems - 00:16:11 - Selection theorems - 00:20:22 - Abstraction and natural abstractions - 00:32:42 - Information at a distance - 00:39:20 - Why the natural abstraction hypothesis matters - 00:44:48 - Unnatural abstractions used by humans? - 00:49:11 - Probability, determinism, and abstraction - 00:52:58 - Whence probabilities in deterministic universes? - 01:02:37 - Abstraction and maximum entropy distributions - 01:07:39 - Natural abstractions and impact - 01:08:50 - Learning human values - 01:20:47 - The shape of the research landscape - 01:34:59 - Following John's work The transcript: John on LessWrong: Research that we discuss: - Alignment by default - contains the natural abstraction hypothesis: - The telephone theorem: - Generalizing Koopman-Pitman-Darmois: - The plan: - Understanding deep learning requires rethinking generalization - deep learning can fit random data: - A closer look at memorization in deep networks - deep learning learns before memorizing: - Zero-shot coordination: - A new formalism, method, and open issues for zero-shot coordination: - Conservative agency via attainable utility preservation: - Corrigibility: Errata: - E. coli has ~4,400 genes, not 30,000. - A typical adult human body has thousands of moles of water in it, and therefore must consist of well more than 10 moles total.
/episode/index/show/axrpodcast/id/23196275
info_outline
14 - Infra-Bayesian Physicalism with Vanessa Kosoy
04/05/2022
14 - Infra-Bayesian Physicalism with Vanessa Kosoy
Late last year, Vanessa Kosoy and Alexander Appel published some research under the heading of "Infra-Bayesian physicalism". But wait - what was infra-Bayesianism again? Why should we care? And what does any of this have to do with physicalism? In this episode, I talk with Vanessa Kosoy about these questions, and get a technical overview of how infra-Bayesian physicalism works and what its implications are. Topics we discuss, and timestamps: - 00:00:48 - The basics of infra-Bayes - 00:08:32 - An invitation to infra-Bayes - 00:11:23 - What is naturalized induction? - 00:19:53 - How infra-Bayesian physicalism helps with naturalized induction - 00:19:53 - Bridge rules - 00:22:22 - Logical uncertainty - 00:23:36 - Open source game theory - 00:28:27 - Logical counterfactuals - 00:30:55 - Self-improvement - 00:32:40 - How infra-Bayesian physicalism works - 00:32:47 - World models - 00:39-20 - Priors - 00:42:53 - Counterfactuals - 00:50:34 - Anthropics - 00:54:40 - Loss functions - 00:56:44 - The monotonicity principle - 01:01:57 - How to care about various things - 01:08:47 - Decision theory - 01:19:53 - Follow-up research - 01:20:06 - Infra-Bayesian physicalist quantum mechanics - 01:26:42 - Infra-Bayesian physicalist agreement theorems - 01:29:00 - The production of infra-Bayesianism research - 01:35:14 - Bridge rules and malign priors - 01:45:27 - Following Vanessa's work The transcript: Vanessa on the Alignment Forum: Research that we discuss: - Infra-Bayesian physicalism: a formal theory of naturalized induction: - Updating ambiguous beliefs (contains the infra-Bayesian update rule): - Functional Decision Theory: A New Theory of Instrumental Rationality: - Space-time embedded intelligence: - Attacking the grain of truth problem using Bayes-Savage agents (generating a simplicity prior with Knightian uncertainty using oracle machines): - Quantity of experience: brain-duplication and degrees of consciousness (the thick wires argument): - Online learning in unknown Markov games: - Agreeing to disagree (contains the Aumann agreement theorem): - What does the universal prior actually look like? (aka "the Solomonoff prior is malign"): - The Solomonoff prior is malign: - Eliciting Latent Knowledge: - ELK Thought Dump, by Abram Demski:
/episode/index/show/axrpodcast/id/22694762