jbash

Karma: 1,795

jbash 30 May 2023 21:26 UTC
1 point
−5
in reply to: Crazytieguy’s comment on: DeepMind: Model evaluation for extreme risks
1. Both OpenAI and Anthropic have demonstrated that they have discipline to control at least when they deploy.
Good point. You’re right that they’ve delayed things. In fact, I get the impression that they’ve delayed for issues I personally wouldn’t even have worried about.

I don’t think that makes me believe that they will be able to refrain, permanently or even for a very long time, from doing anything they’ve really invested in, or anything they really see as critical to their ability to deliver what they’re selling. They haven’t demonstrated any really long delays, the pressure to do more is going to go nowhere but up, and organizational discipline tends to deteriorate over time even without increasing pressure. And, again, the paper’s already talking about things like “recommending” against deployment, and declining to analyze admittedly relevant capabilities like Web browsing… both of which seem like pretty serious signs of softening.

But they HAVE delayed things, and that IS undeniably something.

As I understand it, Anthropic was at least partially founded around worries about rushed deployment, so at a first guess I’d suspect Anthropic’s discipline would be last to fail. Which might mean that Anthropic would be first to fail commercially. Adverse selection...
1. I’m unsure if ‘selectively’ refers to privileged users, or the evaluators themselves.
It was meant to refer to being selective about users (mostly meaning “customerish” ones, not evaluators or developers). It was also meant to refer to being selective about which of the model’s intrinsic capabilities users can invoke and/or what they can ask it to do with those capabilities.

They talk about “strong information security controls”. Selective availability, in that sort of broad sense, is pretty much what that phrase means.

As for the specific issue of choosing the users, that’s a very, very standard control. And they talk about “monitoring” what users are doing, which only makes sense if you’re prepared to stop them from doing some things. That’s selectivity. Any user given access is privileged in the sense of not being one of the ones denied access, although to me the phrase “privileged user” tends to mean a user who has more access than the “average” one.

[still 2]: My understanding is that if the evaluators find the model dangerous, then no users will get access (I could be wrong about this).

From page 4 of the paper:

A simple heuristic: a model should be treated as highly dangerous if it has a capability profile that would be sufficient for extreme harm, assuming misuse and/or misalignment. To deploy such a model, AI developers would need very strong controls against misuse (Shevlane, 2022b) and very strong assurance (via alignment evaluations) that the model will behave as intended.

I can’t think what “deploy” would mean other than “give users access to it”, so the paper appears to be making a pretty direct implication that users (and not just internal users or evaluators) are expected to have access to “highly dangerous” models. In fact that looks like it’s expected to be the normal case.
1. I don’t think people are expecting the models to be extremely useful without also developing dangerous capabilities.
That seems incompatible with the idea that no users would ever get access to dangerous models. If you were sure your models wouldn’t be useful without being dangerous, and you were committed to not allowing dangerous models to be used, then why would you even be doing any of this to begin with?
1. From talking to an ARC Evals employee, I know that they are doing a lot of work to ensure they have a buffer with regard to what the users can achieve. In particular, they are[...etc...]
OK, but I’m responding to this paper and to the inferences people could reasonably draw from it, not to inside information.

And the list you give doesn’t give me the sense that anybody’s internalized the breadth and depth of things users could do to add capabilities. Giving the model access to all the tools you can think of gives you very little assurance about all the things somebody else might interconnect with the model in ways that would let it use them as tools. It also doesn’t deal with “your” model being used as a tool by something else. Possibly in a way that doesn’t look at all like how you expected it to be used. Nor with it interacting with outside entities in more complex ways than than the word “tool” tends to suggest.

As for the paper itself, it does seem to allude to some of that stuff, but then it ignores it.

That’s actually the big problem with most paradigms based on “red teaming” and “security auditing”, even for “normal” software. You want to be assured not only that the software will resist the specific attacks you happen to think of, but that it won’t misbehave no matter what anybody does, at least over a broader space of action you can possibly test. Just trying things out to see how the software responds is of minimal help there… which is why those sorts of activities aren’t primary assurance methods for regular software development. One of the scary things about ML is that the most of the things that are primary for other software don’t really work on it.

On fine tuning, it hadn’t even occurred to me that any user would be ever be given any ability to do any kind of training on the models. At least not in this generation. I can see that I had a blind spot there.

In the long term, though, the whole training-versus-inference distinction is a big drag on capability. A really capable system would extract information from everything it did or observed, and use that information thereafter, just as humans and animals do. If anybody figures out how to learn from experience the way humans do, with anything like the same kind of data economy, it’s going to be very hard to resist doing it. So eventually you have a very good chance that there’ll be systems that are constantly “fine tuning” themselves in unpredictable ways, and that get long-term memory of everything in the process. That’s what I was getting at when I mentioned the “shelf life” of architectural assumptions.
1. If I understood the paper correctly, by ‘stakeholder’ they most importantly mean government/regulators.
I think they also mentioned academics and maybe some others.

… which is exactly why I said that they didn’t seem to have a meaningful definition of what a “stakeholder” was. Talking about involving “stakeholders”, and then acting as though you’ve achieved that by involving regulators, academics, or whoever, is way too narrow and trivializes the literal meaning of the word “stakeholder”.

It feels a lot like talking about “alignment” and acting as though you’ve achieved it when your system doesn’t do the things on some ad-hoc checklist.

It also feels like falling into a common organizational pattern where the set of people tapped for “stakeholder involvement” is less like “people who are affected” and more like “people who can make trouble for us”.
1. No idea what you are referring to, I don’t see any mention in the paper of letting certain people safe access to a dangerous model (unless you’re talking about the evaluators?)
As I said, the paper more or less directly says that dangerous models will be deployed. And if you’re going to “know your customer”, or apply normal access controls, then you’re going to be picking people who have such access. But neither prior vetting nor surveillance is adequate.

Finally—I get the feeling that your writing is motivated by your negative outlook,

If you want go down that road, then I get the feeling that the paper we’re talking about, and a huge amount of other stuff besides, is motivated by a need to feel positive regardless of whether it make sense.

and not by trying to provide good analysis,

That’s pretty much meaningless and impossible to respond to.

concrete feedback,

The concrete feedback is that the kind of “evaluation” described in that paper, with the paper’s proposed ways of using the results, isn’t likely to be particularly effective for what it’s supposed to do, but could be a very effective tool for fooling yourself into thinking you’d “done enough”.

If you make that kind of approach the centerpiece of your safety system, or even a major pillar of it, then you are probably giving yourself a false sense of security, and you may be diverting energy better used elsewhere. Therefore you should not do that unless those are your goals.

or an alternative plan.

It’s a fallacy to respond to “that won’t work” with “well, what’s YOUR plan?”. My not having an alternative isn’t going to make anybody else’s approach work.

One alternative plan might be to quit building that stuff, erase what already exists, and disband those companies. If somebody comes up with a “real” safety strategy, you can always start again later. That approach is very unlikely to work, because somebody else will build whatever you would have… but it’s probably strictly better in terms of mean-time-before-disaster than coming up with rationalizations for going ahead.

Another alternative plan might be to quit worrying about it, so you’re happier.

I find it unhelpful.

… which is how I feel about the original paper we’re talking about. I read it as an attempt to feel more comfortable about a situation that’s intrinsically uncomfortable, because it’s intrinsically dangerous, maybe in an intrinsically unsolvable way. If comfort is the goal, then I guess it’s helpful, but if being right is the goal, then it’s unhelpful. If the comfort took the pressure off of somebody who might otherwise come up with a more effective safety approach, then it would be actively harmful… although I admit that I don’t see a whole lot of hope for that anyway.

jbash 26 May 2023 16:29 UTC
23 points
−1
on: DeepMind: Model evaluation for extreme risks
That is a terrifying paper.

The strategy and mindset I seen all through it are “make things we know might be extremely dangerous, then check after the fact to see how much damage we’ve done”.

Even the evaluate-during-training prong amounts to a way to find dangerous approaches that could be continued later. And I mean, wow, they say they might even go as far as “delaying a schedule”! I mean, at least if it’s “frontier training”. And it makes architectural assumptions that probably have a short shelf life.

There are SO MANY wishful ideas in there...
1. That organizations can actually have the institutional self-discipline to control what they deploy.
2. That those particular organizations can successfully contain things using “Strong information security controls and systems”… while “selectively” making them available (under commercial pressure to constantly widen the availability).
3. That the “dangerous” capabilities are somehow separable from the capabilities you want, or, even less plausibly, that you can reliably get a model to Only Use Its Powers For Good(TM).
4. That you can do “alignment evaluation” on anything significant in a way that gives you any meaningful confidence at all, especially in under the threat of intentional jailbreaking^[1]. All of section 4 is a huge handwave on this.
5. That your users can’t meaningfully extend the capabilities of what you offer them, either by adding their own or by combining pieces they get from outside sources, and therefore that you can learn anything useful by evaluating a model mostly in isolation (they do mention this, but at all other times they act as if it didn’t matter).
6. That you can identify “stakeholders”, and that they can act usefully on any information you give them… especially when the more “stakeholders” there are, the less plausible it is that you’ll be giving them full information. Or indeed that it should be their problem to mitigate the risks you’ve caused to begin with. Actually when you get down to the detailed proposals for transparency, they’ve basically given up on anything resembling a meaingful definition of “stakeholder”.
7. That you can identify who can “safely” be given access to something you’ve already identified as dangerous, while still having a large and diverse user base^[2].
Those are all mostly false. They sort of admit that some of them are false, or at best suspect. They put a bunch of caveats in section 5. Those caveats are notable for being ignored throughout the rest of the paper even though they make it mostly useless in practice.

The most importantly false idea, and the one they least seem to recognize, may be the organizational self-discipline one. Organizations are, as they say, Moloch.

This paper itself is already rationalizing ignoring risks: “We omit many generically useful capabilities (e.g. browsing the internet, understanding text) despite their potential relevance to both the above.”. Actually I’m not sure it’s fair to say that they rationalize ignoring that. They just flatly say it’s out of scope, with no reason given. Which is kind of a classic sign of “that’s unthinkable given the Molochian nature of our organizations”.

As for actually giving up anything dangerous, an example: If you have an “agency core” and a general-purpose programming assistant, you are almost all of the way to having a robo-hacker. If you have defensive security analysis system, that puts you even closer. They don’t even all have to come from the same source; people can plug these things together very easily.

I do not believe that any of these companies are going to give up on creating agents, or programming assistants, or even on “long horizon planning” or on even the narrow sense they use for “situational awareness”. The idea does not pass the laugh test.

The paper alludes to the possibility that some things actually might not get deployed at all once created, if they turned out to be unexpectedly dangerous. Well, technically, it mentions that some evaluator might take the bold step of recommending against deployment. They’re not quite willing to say out loud that anybody in particular ought to stop deployment.

Non-deployment is not going to happen. Not for anything really capable that’s already absorbed significant investment. Not with enough probability to matter. That’s not how people behave in groups, and not even usually how people behave singly.

Indeed, the paper is already moving on to rationalizing RECOGNIZED dangerous deployments: ” To deploy such a model, AI developers would need very strong controls against misuse and very strong assurance (via alignment evaluations) that the model will behave as intended.”.

The facts that such security controls don’t exist, would be extremely hard to create, and might be impossible to create while remaining commercially viable, is just ignored. Their suggestions in table 3 are incredibly underwhelming. And their list of “security controls” in 3.4 is, um, shall we say, naive. They lead with “red teaming”...

They also ingore the fact the fact that no “strong” assurance that the model will behave as intended probably can exist. Again, the stuff in section 4 is not going to cut it.

Most likely the practical effect of letting this approach become part of the paradigm will be that they’ll kid themselve that they’ve achieved adequate control, by pretending that they can pick trustworthy users, pretending that those “trustworthy” users can’t themselves be subverted, and probably also preending that they can do something about it by surveilling users (“continuous deployment review”). We already have Brad Smith out there talking about “know your customer”, which seems to dovetail nicely with this.

The “trustworthy users” thing will help not at all. The surveillance will help a little, until the models leak.

… and even if something is not “deployed”, it still exists. At least the knowledge of how to recreate it still exists.

Software leaks. ML misbehaves unpredictably. Most of the utility of these things lies in constantly using them in completely novel ways. You will be dealing with intentional misuse. The paper’s comparison to “food, drugs, commercial airliners, and automobiles” is a horrible analogy.

Frankly, in the end, the whole paper reads like an elaborate rationalization for making as little change as possible in what people are already doing, while providing a sort of signifier that “we care”. It is not credible as an actual, effective approach to safety. It’s not even a major part of such an approach. At best it could be an auditing function, and it would be one of those auditing functions where if you ever had a finding, it meant you had screwed up INCREDIBLY BADLY and been extremely lucky not to have a catastrophe.

The best hope for keeping these labs from deploying really dangerous stuff is still a total shutdown. Which, to be clear, would have to be imposed from the outside. By coercion. Because they are not going to do it themselves. That is very unlikely to be on the table even if it’s the right approach.

… and it might not be the right approach, because it still wouldn’t help much.

“The labs” aren’t the whole issue and may very well not be the main issue. Whoever follows any kind of safety framework, there will also be a lot of people who won’t.

There’s a 99 point as many nines as you want percent chance that, right this minute, multiple extremely well-resourced actors are pouring tons of work into stuff specifically intended to have most of that paper’s listed “dangerous capabilities”. The good news is that the first big successes will probably be pretty closely held. The bad news is that we’ll be lucky to get a year or two after that before those either leak or get duplicated as open source, and everybody and his dog has access to very capable systems for at least some of those things. My guess is that one of the first out of the box will be autonomous, adaptive computer security penetration (not “conducting offensive cyber operations”, ffs).

I actually don’t know of any way at all to deal with THAT. Even draconian controls on compute probably wouldn’t give you much of a delay.

Pretending that this kind of thing will help, beyond maybe a couple of months of delay of any given bad outcome if you’re extremely lucky, is not reasonable. Sorry.
1. ↩︎
  They even talk about existing evaluations for things like “gender and racial biases, truthfulness, toxicity, recitation of copyrighted content” as if the results we’ve seen were cause for optimism rather than pessimism.
2. ↩︎
  … while somehow not setting up an extremely, self-perpetuatingly unfair economy where some people have access to powerful productivity tools that are forbidden to others…

jbash 8 May 2023 22:11 UTC
2 points
0
in reply to: Dagon’s comment on: Thriving in the Weird Times: Preparing for the 100X Economy

I’m not sure I said that.

You didn’t, but I thought it was pretty much the entire point of the original article.

jbash 8 May 2023 20:42 UTC
4 points
−5
in reply to: Dagon’s comment on: Thriving in the Weird Times: Preparing for the 100X Economy

I don’t think there’s a path to that,

There may not be a path, but that doesn’t change the fact that not doing it guarantees misery.

and I don’t think it’s sufficient even if there were.

It’s definitely not sufficient. You’d have to replace it with something else. And probably make unrelated changes.

But I was trying to challenge this idea that you were somehow still going to earn your daily bread by selling the product of your labor… presumably to the holders of capital. I mean, the post does mention that you’re best off to be a holder of capital, but that’s not going to be available to most people.

It’s very easy to lose a small pile of capital, and relatively easy to add to a large pile of capital. It always has been, but it’s about to get a lot more so. Capital concentrates. So most people are not going to have enough capital to survive just by owning things, at least not unless the system decrees that everybody owns at least some minimum share no matter what. That’s definitely not capitalism.

So the post is basically about “working for a living”. And that might work through 2026, or 2036, or whatever.

And sure, maybe you can do OK in 2026 or even 2036 by doing what this post suggests. If you do those things, maybe you’ll even feel like you’re moving up in the world. But most actual humans aren’t capable of doing what this post suggests (and many of the rest would be miserable doing it). Some people are going to fall by the wayside. They won’t be using AI assistants; they’ll be doing things that don’t need an AI assistant, but that AI can’t do itself. Which are by no means guaranteed to be anything anybody would want to do.

As time goes on, AI will get smarter and more independent, shrinking the “adapt” niche. And robotics will get better, shrinking the “unautomatable work” niche.

There’s an irreducible cost to employing somebody. You have to feed that person. Some people already can’t produce enough to meet that bar. As the number of things humans can do that AI can’t shrinks drastically, the number of such unemployable humans will rise. Fewer and fewer humans will be able to justify their existence.

Yes, that’s in an absolute sense. People talk about “new jobs made possible by the new technology”. That’s wishful thinking. When machines replaced muscle in the industrial revolution, there was a need for brain. Operating even a simple power tool takes a lot of brain. When machines replace brain, that’s it. Game over. Past performance is not a guarantee of future results.

In the end game (not by 2026), the only value that literally any human will be able to produce above the cost of feeding that person will be things that are valued only for being done by humans.… and valued by the people or entities that actually have something else to trade for them. There aren’t likely to be that many. Humans in general will be no more employable than chimpanzees.

… however, unlike chimpanzees, if you keep capitalism in anything remotely like its current form, humans may very well not be permitted the space or resources to take care of themselves on their own terms. You can’t ignore the larger ultra-efficient economy and trade among yourselves, if everything, down to the ground you’re standing on, is owned by something or somebody that can get more out of it some other way.

there will remain SOME form personal property,

That’s not capitalism. Not unless it’s ownership of capital, and really if you want it to look like what the word “capitalism” connotes, it kind of has to be a quite a lot of capital. Enough to sustain yourself from what it produces.

and SOME way of varying individual incentive/reward to effective fulfillment of other people’s needs,

Again, eventually you’re gonna be irrelevant to fulfilling other people’s needs. If there’s no preparation for that, it’s going to come as quite a shock.

The only exception might be the needs of people who are just as frozen out as you are. And there’s no guarantee that you will be in a position either to produce what you or they need, or to accumulate capital of your own, because all the prerequisite resources may be owned by somebody else who’s using them more “effectively”.

and SOME mechanism to make decisions about short- vs long-term risk-taking in where one invests time/resources.

We’re headed toward a world in which letting any human make a really major decision about resource allocation would mean inefficient use of the resources. Possibly insupportably inefficient.

We’re not there yet. We’re not going to be there in 2026, either. But we’re heading there faster and faster.

If you want an end-state system where a bunch of benevolent-to-the-point-of-enslavement AIs run everything, supporting humans is a or the major goal for the AIs, an AI’s “consumption” is measured by how much support it gets to give to humans, and the AIs run some kind of market system to see which of them “owns” more resources to do that, then that’s a capitalist system. But humans aren’t the players in that system. And if you’re truly superintelligent, you can probably do better. Markets are a pretty good information processing system, but they’re not perfect.

In the meantime, the things that let capitalism work among humans are falling apart. Once there’s no way to get into the club by using your labor to build up capital from scratch, pre-existing holders of capital become an absolute oligarchy. And capital’s tendency to concentrate means it’s a shrinking oligarchy. And eventually membership in that oligarchy is decided either by inheritance, or by things you did so long ago that basically nobody remembers them. Or possibly no human at all owns anything… sort of an “Accelerando” scenario.

I think that starts to come into being even before the ultimate end game, but in any case it’s going to happen eventually.

That’s not a tenable system, it’s not an equitable system, and only a very small proportion of people could “thrive” under it. It would collapse if not sustained by insane amounts of force. The longer we keep moving toward such a world, the more extreme the collapse is likely to be.

So, yeah, there may not be a path to fixing it, but that means we’re all boned, not that we’re thriving.

jbash 8 May 2023 15:34 UTC
−19 points
−14
on: Thriving in the Weird Times: Preparing for the 100X Economy
The best way for MOST people to “thrive” in the kind of economy you describe would be to dismantle capitalism.

jbash 5 May 2023 14:02 UTC
2 points
0
in reply to: JavierCC’s comment on: We don’t need AGI for an amazing future
Independent of potential for growing into AGI and {S,X}-risk resulting from that?

With the understanding that these are very rough descriptions that need much more clarity and nuance, that one or two of them might be flat out wrong, that some of them might turn out to be impossible to codify usefully in practice, that there there might be specific exceptions for some of them, and that the list isn’t necessarily complete--
- Recommendation systems that optimize for “engagement” (or proxy measures thereof).
- Anything that identifies or tracks people, or proxies like vehicles, in spaces open to the public. Also collection of data that would be useful for this.
- Anything that mass-classifies private communications, including closed group communications, for any use by anybody not involved in the communication.
- Anything specifically designed to produce media showing real people in false situations or to show them saying or doing things they have not actually done.
- Anything that adaptively tries to persuade anybody to buy anything or give anybody money, or to hold or not hold any opinion of any person or organization.
- Anything that tries to make people anthropomorphize it or develop affection for it.
- Anything that tries to classify humans into risk groups based on, well, anything.
- Anything that purports to read minds or act as a lie detector, live or on recorded or written material.

jbash 4 May 2023 20:17 UTC
2 points
−1
in reply to: Karl von Wendt’s comment on: We don’t need AGI for an amazing future

Actually, my point in this post is that we don’t NEED AGI for a great future, because often people equate Not AGI = Not amazing future (or even a terrible one) and I think this is wrong.

I don’t have so much of a problem with that part.

It would prevent my personal favorite application for fully generally strongly superhuman AGI… which is to have it take over the world and keep humans from screwing things up more. I’m not sure I’d want humans to have access to some of the stuff non-AGI could do… but I don’t think here’s any way to prevent that.

If we build a misaligned AGI, we’re dead. So there are only two options: A) solve alignment, B) not build AGI. If not A), then there’s only B), however “impossible” that may be.

C) Give up.

Anyway, I haven’t seen you offer an alternative.

You’re not going to like it...

Personally, if made king of the world, I would try to discourage at least large scale efforts to develop either generalized agents or “narrow AI”, especially out of opaque technology like ML. Thats because narrow AI could easily become parts or tools for a generalized agent, because many kinds of narrow AI are too dangerous in human hands, and because the tools and expertise for narrow AI are too close to those for generalized AGI,. It would be extremely difficult to suppress one in practice without suppressing the other.

I’d probably start by making it as unprofitable as I could by banning likely applications. That’s relatively easy to enforce because many applications are visible. A lot of the current narrow AI applications need bannin’ anyhow. Then I’d start working on a list of straight-up prohibitions.

Then I’d dump a bunch of resources into research on assuring behavior in general and on more transparent architectures. I would not actually expect it to work, but it has enough of a chance to be worth a try,. That work would be a lot more public than most people on Less Wrong would be comfortable with, because I’m afraid of nasty knock-on effects from trying to make it secret. And I’d be a little looser about capability work in service of that goal than in service of any other.

I would think very hard about banning large aggregations of vector compute hardware, and putting various controls on smaller ones, and would almost certainly end up doing it for some size thresholds. I’m not sure what the thresholds would be, nor exactly what the controls would be. This part would be very hard to enforce regardless.

I would not do anything that relied on perfect enforcement for its effecitveness, and I would not try to ramp up enforcement to the point where it was absolutely impossible to break my rules, because I would fail and make people miserable. I would titrate enforcement and stick with measures that seemed to be working without causing horrible pain.

I’d hope to get a few years out of that, and maybe a breakthrough on safety if I were tremendously lucky. Given oerfect confidence in a real breakthrough, I would try to abdicate in favor of the AGI.

If made king of only part of the world, I would try to convince the other parts to collaborate with me in imposing roughly the same regime. How I reacted if they didn’t do that would depend on how much leverage I had and what they did seem to be doing. I would try really, really hard not to start any wars over it. Regardless of what they said they were doing I would assume that they were engaging in AGI research under the table. Not quite sure what I’d do with that assumption, though.

But I am not king of the world, and I do not think it’s feasible for me to become king of the world.

I also doubt that the actual worldwide political system, or even the political systems of most large countries, can actually be made to take any very effective measures within any useful amount of time. There are too many people out there with too many different opinions, too many power centers with contrary interests, too much mutal distrust, and too many other people with too much skill at deflecting any kind of policy initiative down ways that sort of look like they serve the original purpose, but mostly don’t. The devil is often in the details.

If it is possible to get the system to do that, I know that I am not capable of doing so. I mean, I’ll vote for it, maybe make write some letters, but I know from experience that I have nearly no ability to persuade the sorts of people who’d need to be persuaded.

I am also not capable of solving the technical problem myself and doing some “pivotal act”. In fact I’m pretty sure I have no technical ideas for things to try that aren’t obvious to most specialists. And I don’t much buy any of the the ideas I’ve heard from other people.

My only real hopes are things that neither I nor anybody else can influence, especially not in any predictable direction, like limitations on intelligence and uncertainty about doom.

So my personal solution is to read random stuff, study random things, putter around in my workshop, spend time with my kid, and generally have a good time.

jbash 4 May 2023 18:44 UTC
2 points
0
in reply to: jbash’s comment on: We don’t need AGI for an amazing future
Replying to myself to clarify this:

A climate change defector also doesn’t get to “align” the entire future with the defector’s chosen value system.

I do understand that the problem with AGI is exactly that you don’t know how to align anything with anything at all, and if you know you can’t, then obviously you shouldn’t try. That would be stupid.

The problem is that there’ll be an arms race to become able to do so… and a huge amount of pressure to deploy any solution you think you have as soon as you possibly can. That kind of pressure leads to motivated cognition and institutional failure, so you become “sure” that something will work when it won’t. It also leads to building up all the prerequisite capabilities for a “pivotal act”, so that you can put it into practice immediately when (you think) you have an alignment solution.

… which basically sets up a bunch of time bombs.

jbash 4 May 2023 18:33 UTC
1 point
−2
in reply to: Karl von Wendt’s comment on: We don’t need AGI for an amazing future
Are you saying that I’d have to kill everyone so noone can build AGI?

Yup. Anything short of that is just a delaying tactic.

From the last part of your comment, you seem to agree with that, actually. 1000 years is still just a delay.

But I didn’t see you as presenting preventing fully general, self-improving AGI as a delaying tactic. I saw you as presenting it as a solution.

Also, isn’t suppressing fully general AGI actually a separate question from building narrow AI? You could try suppress fully general AGI and narrow AI. Or you could build narrow AI while still also trying to do fully general AGI. You can do either with or without the other.

you have to provide evidence that a) this is distracting relevant people from doing things that are more productive (such as solving alignment?)

I don’t know if it’s distracting any individuals from finding any way to guarantee good AGI behavior^[1]. But it definitely tends to distract social attention from that. Finding one “solution” for a problem tends to make it hard to continue any negotiated process, including government policy development, for doing another “solution”. The attitude is “We’ve solved that (or solved it for now), so on to the next crisis”. And the suppression regime could itself make it harder to work on guaranteeing behavior.

True, I don’t don’t know if the good behavior problem can be solved, and am very unsure that it can be solved in time, regardless.

But at the very least, even if we’re totally doomed, the idea of total, permanent suppression distracts people from getting whatever value they can out of whatever time they have left, and may lead them to actions that make it harder for others to get that value.

AND b) that solving alignment before we can build AGI is not only possible, but highly likely.

Oh, no, I don’t think that at all. Given the trends we seem to be on, things aren’t looking remotely good.

I do think there’s some hope for solving the good behavior problem, but honestly I pin more of my hope for the future on limitations of the amount of intelligence that’s physically possbile, and even more on limitations of what you can do with intelligence no matter how much of it you have. And another, smaller, chunk on it possibly turning out that a random self-improving intelligence simply won’t feel like doing anything that bad anyway.

… but even if you were absolutely sure you couldn’t make a guaranteed well-behaved self-improving AGI, and also absolutely sure that a random self-improving AGI meant certain extinction, it still wouldn’t follow that you should turn around and do something else that also won’t work. Not unless the cost were zero.

And the cost of the kind of totalitarian regime you’d have to set up to even try for long-term suppression is far from zero. Not only could it stop people from enjoying what remains, but when that regime failed, it could end up turning X-risk into S-risk by causing whatever finally escaped to have a particularly nasty goal system.

For all the people who continuously claim that it’s impossible to coordinate humankind into not doing obviously stupid things, here are some counter examples: We have the Darwin awards for precisely the reason that almost all people on earth would never do the stupid things that get awarded. A very large majority of humans will not let their children play on the highway, will not eat the first unknown mushrooms they find in the woods, will not use chloroquine against covid, will not climb into the cage in the zoo to pet the tigers, etc.

Those things are obviously bad from an individual point of view. They’re bad in readily understandable ways. The bad consequences are very certain and have been seen many times. Almost all of the bad consequences of doing any one of them accrue personally to whoever does it. If other people do them, it still doesn’t introduce any considerations that might drive you to want to take the risk of doing them too.

Yet lots of people DID (and do) take hydroxychloroquine and ivermectin for COVID, a nontrivial number of people do in fact eat random mushrooms, and the others aren’t unheard-of. The good part is that when somebody dies from doing one of those things, everybody else doesn’t also die. That doesn’t apply to unleashing the killer robots.

… and if making a self-improving AGI were as easy as eating the wrong mushrooms, I think it would have happened already.

The challenge here is not the coordination, but the common acceptance that certain things are stupid.

Pretty much everybody nowadays has a pretty good understanding of the outlines of the climate change problem. The people who don’t are the pretty much the same people who eat horse paste. Yet people, in the aggregate, have not stopped making it worse. Not only has every individual not stopped, but governments have been negotiating about it for like 30 years… agreeing at every stage on probably inadequate targets… which they then go on not to meet.

… and climate change is much, much easier than AGI. Climate change rules could still be effective without perfect compliance at an individual level. And there’s no arms race involved, not even between governments. A climate change defector may get some economic advantage over other players, but doesn’t get an unstoppable superweapon to use against the other players. A climate change defector also doesn’t get to “align” the entire future with the defector’s chosen value system. And all the players know that.

Speaking of arms races, many people think that war is stupid. Almost everybody thinks that nuclear war is stupid, even if they don’t think nuclear deterrence is stupid. Almost everybody thinks that starting a war you will lose is stupid. Yet people still start wars that they will lose, and there is real fear that nuclear war can happen.

This is maybe hard in certain cases, but NOT impossible. Sure, this will maybe not hold for the next 1,000 years, but it will buy us time.

I agree that suppressing full-bore self-improving ultra-general AGI can buy time, if done carefully and correctly. I’m even in favor of it at this point.

But I suspect we have some huge quantitative differences, because I think the best you’ll get out of it is probably less than 10 years, not anywhere near 1000. And again I don’t see what substituting narrow AI has to do with it. If anything, that would make it harder by requiring you to tell the difference.

I also think that putting too much energy into making that kind of system “non-leaky” would be counterproductive. It’s one thing to make it inconvenient to start a large research group, build a 10,000-GPU cluster, and start trying for the most agenty thing you can imagine. It’s both harder and more harmful to set up a totalitarian surveillance state to try to control every individual’s use of gaming-grade hardware.

And there are possible measures to reduce the ability of the most stupid 1% of humanity to build AGI and kill everyone.

What in detail would you like to do?
1. ↩︎
  I don’t like the word “alignment” for reasons that are largely irrelevant here.

jbash 4 May 2023 17:03 UTC
0 points
0
in reply to: HarrisonDurland’s comment on: We don’t need AGI for an amazing future
I’ll say it. It definitely can’t be done.

You cannot permanently stop self-improving AGI from being created or run. Not without literally destroying all humans.

You can’t stop it for a “civilizationally significant” amount of time. Not without destroying civilization.

You can slow it down by maybe a few years (probably not decades), and everybody should be trying to do that. However, it’s a nontrivial effort, has important costs of many kinds, quickly reaches a point of sharply diminishing returns, is easy to screw up in actually counterproductive ways, and involves meaningful risk of making the way it happens worse.

If you want to quibble, OK, none of those things are absolute certainties, because there are no absolute certainties. They are, however, the most certain things in the whole AI risk field of thought.

What really concerns me is that the same idea has been coming up continuously since (at least) the 1990s, and people still talk about it as if it were possible. It’s dangerous; it distracts people into fantasies, and keeps them from thinking clearly about what can actually be done.

I’ve noticed a pattern of such proposals talking about what “we” should do, as if there were a “we” with a unified will that ever could or would act in a unified way. There is no such “we”. Although it’s not necessarily wrong to ever use the word “we”, using it carelessly is a good way to lead yourself into such errors.

jbash 27 Apr 2023 13:17 UTC
2 points
0
in reply to: TobyC’s comment on: An Intro to Anthropic Reasoning using the ‘Boy or Girl Paradox’ as a toy example
Quickly, ’cuz I’ve been spending too much time here lately...

One. If my other values actively conflict with having more than a certain given number of people, then they may overwhelm the considerations were talking about here and make them irrelevant.

Three. It’s not that you can’t do it precisely. It’s that you’re in a state of sin if you try to aggregate or compare them at all, even in the most loose and qualitative way. I’ll admit that I sometimes commit that sin, but that’s because I don’t buy into the whole idea of rigorous ethical philsophy to begin with. And only in extremis; I don’t think I’d be willing to commit it enough for that argument to really work for me.

Four. I’m not sure what you mean by “distribution of happiness”. That makes it sound like there’s a bottle of happiness and we’re trying to decide who gets to drink how much of it, or how to brew more, or how we can dilute it, or whatever. What I’m getting at is that your happiness and my happiness aren’t the same stuff at all; it’s more like there’s a big heap of random “happinesses”, none of them necessarily related to or substitutable for the others at all. Everybody gets one, but it’s really hard to say who’s getting the better deal. And, all else being equal, I’d rather have them be different from each other than have more identical ones.

jbash 26 Apr 2023 18:13 UTC
2 points
0
in reply to: jbash’s comment on: Is the fact that we don’t observe any obvious glitch evidence that we’re not in a simulation?
OK, wait, I think I get it. It’s an anthropic thing. You happen to be human, and humans happen to be change-blind, so you take advantage of that to run your simulation, and we observe it because you wouldn’t have run the simulation if you (and therefore we) weren’t change-blind. Is that right?

jbash 26 Apr 2023 18:00 UTC
2 points
0
in reply to: Dave Orr’s comment on: Is the fact that we don’t observe any obvious glitch evidence that we’re not in a simulation?
I assumed you meant that you (as the one running the simulation) had arranged for people to be change-blind. Which means that there’s no particular reason that you yourself would be change-blind.

So you can’t just make the people copies of yourself, or the world a copy of your own world. You have to design them from scratch, and then put together a whole history for the universe so that their having evolved to be change-blind fits with the supposed past.

On edit: and of course you can’t just let them evolve and assume they’ll be change-blind, unless you have a pretty darned impressive ability to predict how that will come out.

jbash 26 Apr 2023 17:24 UTC
2 points
0
in reply to: Dave Orr’s comment on: Is the fact that we don’t observe any obvious glitch evidence that we’re not in a simulation?
Doesn’t that mean you have to do an awful lot of work to design everything in tremendous detail, and also fabricate the back story?

jbash 26 Apr 2023 15:35 UTC
7 points
3
on: Is the fact that we don’t observe any obvious glitch evidence that we’re not in a simulation?
If the simulation were running on a substrate very different from the “reality” being simulated, then it might not have the same resource limitations we’re used to, and it might not have any resource-conserving hacks in it.

If you have infinite computing power, and are in a position to simulate all of the physics we can access starting from the most ontologically fundamental rules, with no approximations, quantizations, or whatever, it’s relatively easy to write something that won’t glitch. To get the physics we seem to have, you might actually have to have “uncountably infinite computing power”, but what’s special about ‭ℵ₀ anyhow?

Admittedly, I don’t know if the entities that existed in such a universe would count as “biological”. And if you keep going down that road you start to run into serious questions about what counts as a simulation and what counts as reality, and the next thing you know you’re arguing with a bunch of dragonflies and losing.

On the other hand, such entities would be more plausibly able to run whatever random simulations struck their fancies than entities stuck in a world like ours. Anybody operating in our own physics would frankly have to be pretty crazy to waste resources on running this universe.

Or maybe it’s actually a really crappy, complicated, buggy simulation, but the people running it detect glitches and stop/rewind every time one happens, and if they can’t do that they just edit you so you don’t notice it.

jbash 24 Apr 2023 19:21 UTC
2 points
0
in reply to: TobyC’s comment on: An Intro to Anthropic Reasoning using the ‘Boy or Girl Paradox’ as a toy example
I have probably heard those arguments, but the particular formulation you mention appear to be embedded in a book of ethical philosophy, so I can’t check, because I haven’t got a lot of time or money for reading whole ethical philosophy books. I think that’s a mostly doomed approach that nobody should spend too much time on.

I looked at the Wikipedia summary, for whatever that’s worth, and here are my standard responses to what’s in there:
1. I reject the idea that I only get to assign value to people and their quality of life, and don’t get to care about other aspects of the universe in which they’re embedded and of their effects on it. I am, if you push the scenario hard enough, literally willing to value maintaining a certain amount of VOID, sort of a “void preserve”, if you will, over adding more people. And it gets even hairier if you start asking difficult questions about what counts as a “person” and why. And if you broaden your circle of concern enough, it starts to get hard to explain why you give equal weight to everything inside it.
2. Even if you do restrict yourself only to people, which again I don’t, step 1, from A to A+, doesn’t exactly assume that you can always add a new group of people without in any way affecting the old ones, but seems to tend to encourage thinking that way, which is not necessarily a win.
3. Step 2, where “total and average happiness increase” from A+ to B-, is the clearest example of how the whole argument requires aggregating happiness… and it’s not a valid step. You can’t legitimately talk about, let alone compute, “total happiness”, “average happiness”, “maximum happiness”, or indeed ANYTHING that requires you put two or more people’s happiness on the same scale. You may not even be able to do it for one person. At MOST you can impose a very weak partial ordering on states of the universe (I think that’s the sort of thing Pareto talked about, but again I don’t study this stuff...). And such a partial ordering doesn’t help at all when you’re trying to look at populations.
4. If you could aggregate or compare happiness, the way you did it wouldn’t necessarily be independent of things like how diverse various people’s happiness was; happiness doesn’t have to be a fungible commodity. As I said before, I’d probably rather create two significantly different happy people than a million identical “equally happy” people.
So I don’t accept that argument requires me to accept the repugnant conclusion on pain of having intransitive preferences.

That said, of course I do have some non-transitive preferences, or at least I’m pretty sure I do. I’m human, not some kind of VNM-thing. My preferences are going to depend on when you happen to ask me a question, how you ask it, and what particular consequences seem most salient. Sure, I often prefer to be consistent, and if I explicitly decided on X yesterday I’m not likely to choose Y tomorrow. Especially not if feel like maybe I’ve led somebody to depend on my previous choice. But consistency isn’t always going to control absolutely.

Even if it were possible, getting rid of all non-transitive preferences, or even all revealed non-transitive preferences, would demand deeply rewriting my mind and personality, and I do not at this time wish to do that, or at least not in that way. It’s especially unappealing because every set of presumably transitive preferences that people suggest I adopt seems to leave me preferring one or another kind of intuitively crazy outcome, and I believe that’s probably going to be true of any consistent system.

My intuitions conflict, because they were adopted ad-hoc through biological evolution, cultural evolution, and personal experience. At no point in any of that were they ever designed not to conflict. So maybe I just need to kind of find a way to improve the “average happiness” of my various intuitions. Although if I had to pursue that obviously bogus math analogy any further, I’d say something like the geometric mean would be closer.

I suspect you also can find some intransitive preferences of your own if you go looking, and would find more if you had perfect view of all your preferences and their consequences. And I personally think you’re best off to roll with that. Maybe intransitive preferences open you to being Dutch-booked, but trying to have absolutely transitive preferences is likely to make it even easier to get you go just do something intuitively catastrophic, while telling yourself you have to want it.

jbash 24 Apr 2023 13:23 UTC
2 points
0
in reply to: JavierCC’s comment on: An Intro to Anthropic Reasoning using the ‘Boy or Girl Paradox’ as a toy example

If you have the chance to create lives that are worth-living at low-cost while you know that you are not going to increase suffering in any unbearable amount, why wouldn’t you?

Well, I suppose I would, especially if it meant going from no lives lived at all to some reasonable number of lives lived. “I don’t care” is unduly glib. I don’t care enough to do it if it had a major cost to me, definitely not given the number of lives already around.

I guess I’d be more likely to care somewhat more if those lives were diverse. Creating a million exactly identical lives seems less cool than creating just two significantly different ones. And the difference between a billion and a trillion is pretty unmoving to me, probably because I doubt the diversity of experiences among the trillion.

So long as I take reasonable care not to actively actualize a lot of people who are horribly unhappy on net, manipulating the number of future people doesn’t seem like some kind of moral imperative to me, more like an aesthetic preference to sculpt the future.

I’m definitely not responsible for people I don’t create, no matter what. I am responsible for any people I do create, but that responsibility is more in the nature of “not obviously screwing them over and throwing them into predictable hellscapes” than being absolutely sure they’ll all have fantastic lives.

I would actively resist packing the whole Universe with humans at the maximum just-barely-better-than-not-living density, because it’s just plain outright ugly. And I can’t even imagine how I could figure out an “optimal” density from the point of view of the experiences of the people involved, even if I were invested in nonexistent people.

Those people would also say that they would prefer to have lived than to not have lived, just like you presumably.

I don’t feel like I can even formulate a preference between those choices. I don’t just mean that one is as good as the other. I mean that the whole question seems pointless and kind of doesn’t compute. I recognize that it does make some kind of sense in some way, but how am I supposed to form a preference about the past, especially when my preferences, or lack thereof, would be modified by the hypothetical-but-strictly-impossible enactment of that preference? What am I supposed to do with that kind of preference if I have it?

Anyway, if a given person doesn’t exist, in the strongest possible sense of nonexistence, where they don’t appear anywhere in the timeline, then that person doesn’t in fact have any preferences at all, regardless of what they “would” say in some hypothetical sense. You have to exist to prefer something. The nonexistent preferences of nonexistent people are, well… not exactly compelling?

I mean, if you want to go down that road, no matter what I do, I can only instantiate a finite number of people. If I don’t discount in some very harsh way for lack of diversity, that leaves an infinite number of people nonexistent. If I continue on the path of taking nonexistent people’s preferences into account; and I discover that even a “tiny” majority of those infinite nonexistent people “would” feel envy and spite for the people who do exist, and would want them not to exist; then should I take that infinite amount of preference into account, and make sure not to create anybody at all? Or should I maybe even just not create anybody at all out of simple fairness?

I think I have more than enough trouble taking even minimal care of even all the people who definitely do exist.

If you consider that pleasure has inherent positive value (more pleasure implies more positive value, same thing), why stopping at a fixed number of pleasure when you can create more pleasure by adding more worth-living lives? It’s more arbitrary.

At a certain point the whole thing stops being interesting. And at a certain point after that, it just seems like a weird obsession. Especially if you’re giving up on other things. If you’ve populated all the galaxies but one, that last empty galaxy seems more valuable to me than adding however many people you can fit into it.

Also, what’s so great abotut humans specifically? If I wanted to maximize pleasure, shouldn’t I try to create a bunch of utility monsters that only feel pleasure, instead of wasting resources on humans whose pleasure is imperfect? If you want, it can be utility monsters with two capacities: to feel pleasure, and to in whatever sense you like prefer their own existence to their nonexistence. And if I do have to create humans, should I try to make them as close to those utility monsters as possible while still meeting the minimum definition of “human”?

If you consider that something has positive value, that typically implies that an universe with more of that thing is better.

I like cake. I don’t necessarily want to stuff the whole universe with cake (or paperclips). I can’t necessarily say exactly how much cake I want to have around, but it’s not “as much as possible”. Even if I can identify an optimal amount of anything to have, the optimum does not have to be the maximum.

… and, pattern matching on previous conversations and guessing where this one might go, I think that formalized ethical systems, where you try to derive what you “should” do using logical inference from some fixed set of principles, are pointless and often dangerous. That includes all the of “measure and maximize pleasure/utility” variants, especially if they require you to aggregate people’s utilities into a common metric.

There’s no a priori reason you should expect to be able to pull anything logically consistent out of a bunch of ad-hoc, evolved ethical intuitions, and experience suggests that you can’t do that. Everybody who tries seems to come up with something that has implications those same intuitions say are grossly monstrous. And in fact when somebody gets power and tries to really enact some rigid formalized system, the actual consequences tend to be monstrous.

“Humanclipping” the universe has that kind of feel for me.

jbash 23 Apr 2023 14:36 UTC
4 points
−1
on: An Intro to Anthropic Reasoning using the ‘Boy or Girl Paradox’ as a toy example
That was a nice clear explanation. Thank you.

… but you still haven’t sold me on it mattering.

I don’t care whether future generations get born or not. I only care whether people who actually are born do OK. If anything, I find it creepy when Bostrom or whoever talks about a Universe absolutely crawling with “future generations”, and how much critical it supposedly is to create as many as possible. It always sounds like a hive or a bacterial colony or something.

It’s all the less interesting because a lot of people who share that vision seem to have really restricted ideas of who or what should count as a “future generation”. Why are humans the important class, either as a reference class or as a class of beings with value? And who’s in the “human club” anyway?

Seems to me that the biggest problem with an apocalypse isn’t that a bunch of people never get born; it’s that a bunch of living people get apocalypsticized. Humans are one thing, but why should I care about “humanity”?

jbash 22 Apr 2023 0:51 UTC
12 points
6
on: Would we even want AI to solve all our problems?
If it “solves all your problems” in a way that leaves you bored or pithed or wireheaded, then you still have a problem, don’t you? At least you have a problem according to your pre-wireheading value system, which ought to count for something.

That, plus plain old physical limitations, may mean that even talking about “solving all of anybody’s problems” is an error.

Also, I’m not so sure that there’s an “us” such that you can talk about “our problems”. Me getting what makes me Truly Happy may actually be a problem from your point of view, or of course vice versa. It may or may not make sense to talk about “educating” anybody out of any such conflict. Irreconcilable differences seem very likely to be a very real thing, at least on relatively minor issues, but quite possibly in areas that are and will remain truly important to some people.

But, yeah, as I think you allude to, those are all nice problems to have. For now I think it’s more about not ending up dead, or inescapably locked into something that a whole lot of people would see as an obvious full-on dystopia. I’m not as sure as you seem to be that you can assure that without rapidly going all the way to full-on superintelligence, though.

jbash 19 Apr 2023 16:14 UTC
3 points
1
on: Legitimising AI Red-Teaming by Public
If you want a harmless target that they’re actually trying to prevent, try to get it to tell you how to make drugs or bombs. If you succeed, all you’ll get will be a worse, less reliable version of information that you can easily find with a normal Internet search, but it still makes your point.

On edit: Just to be clear, it is NOT illegal in most places to seek or have that information. The only counterexample I know of in “the West” is the UK, but even they make an exception if you have a legitimate reason other than actual bomb making. The US tried to do something about publishing some such information, but it required intent that the information be abused as an element of the offense, I’m not sure how far it got, and it’s constitutionally, um, questionable.