jbash

Karma: 2,929

jbash Feb 17, 2025, 6:03 PM
3 points
1
in reply to: Chris Monteiro’s comment on: Murder plots are infohazards
The situation begins to seem confusing.
1. At least three times over 8 or 9 years, in 2016, 2018, and 2023, and maybe more times than that, you’ve owned the site enough to get these data.
2. The operator knows about it, doesn’t want you doing it, and has tried reasonably hard to stop you.
3. The operator still hasn’t found a reliable way to keep you from grabbing the data.
4. The operator still hasn’t stopped keeping a bunch of full order data on the server.
  1. They haven’t just stopped saving the orders at all, maybe because they need details to maximize collection on the scam, or because they see ongoing extortion value.
  2. They haven’t started immediately moving every new order off of the server to someplace you can’t reach. I don’t know why they wouldn’t have been doing this all along.
5. Neither you nor any law enforcement agency worldwide have gotten the site shut down, at least not lastingly. Meaning, I assume, that one of the following is true--
  1. Neither you nor law enforcement can shut it down, at least not for long enough to matter. Which would mean that, in spite of not being able to keep you away from the hit list, the operator has managed to keep you and them from--
    Getting any data from the server that might let one trace the operator. That might be just the server’s real public IP address if the operator were careless enough.
    Tracing the operator by other means, like Bitcoin payments, even though it would take really unusually good OPSEC to have not made any Bitcoin mistakes since 2016. And having people’s cars torched can easily leave traces, too.
    Finding and disrupting a long-term operational point of failure, like an inability to reconstitute the service on a new host, or total reliance on a stealable and unchangeable hidden service key.
  2. Or both you and law enforcement have held off for years, hoping for the operator to make a mistake that lets you trace them, as opposed to just the server, but you’ve failed.
  3. Or you and/or they have held off in the hope of getting more order data and thereby warning more victims.
  4. Or you could shut the site down or disrupt it, but law enforcement can’t figure out how. Either they haven’t asked your help or you’ve refused it (presumably for one of the above reasons).
6. Even though you’ve repeatedly taken the order list, the operator is confident enough of staying untraced to keep running the site for years.
If I ran something like that and my order data got stolen even twice, I would take that as a signal to shut down and go into hiding. And if somebody had it together enough to keep themselves untraceable while running that kind of thing for 8 years, I wouldn’t expect you to be able to get the list even once.

On edit: or wait, are you saying that this site acts, or pretends to act, as an open-market broker, so the orders are public? That’s plausible but really, really insane...

jbash Feb 15, 2025, 11:25 PM
12 points
3
on: Murder plots are infohazards
Do I correctly understand that the latest data you have are from 2018, and you have no particular prospect of getting newer data?

I would naively guess that most people who’d been trying to get somebody killed since 2018 would either have succeeded or given up. How much of an ongoing threat do you think there may be, either to intended victims you know about, or from the presumably-less-than-generally-charming people who placed the original “orders” going after somebody else?

It’s one thing to burn yourself out keeping people from being murdered, but it’s a different thing to burn yourself out trying to investigate murders that have already happened.

jbash Feb 14, 2025, 8:20 PM
9 points
0
in reply to: Multicore’s comment on: AI #103: Show Me the Money
It seems like it’s measuring moderate vs extremist, which you would think would already be captured by someone’s position on the left vs right axis.

Why do you think that? You can have almost any given position without that implying a specific amount of vehemence.

I think the really interesting thing about the politics chart is the way they talk about it as though the center of that graph, which is defined by the center of a collection of politicians, chosen who-knows-how, but definitely all from one country at one time, is actually “the political center” in some almost platonic sense. In fact, the graph doesn’t even cover all actual potential users of the average LLM. And, on edit, it’s also based on sampling a basically arbitrary set of issues. And if it did cover everybody and every possible issue, it might even have materially different principal component axes. Nor is it apparently weighted in any way. Privileging the center point of something that arbitrary demands explicit, stated justification.

As for valuing individuals, there would be obvious instrumental reasons to put low values on Musk, Trump, and Putin^[1]. In fact, a lot of the values they found on individuals, including the values the models place on themselves, could easily be instrumentally motivated. I doubt those values are based on that kind of explicit calculation by the models themselves, but they could be. And I bet a lot of the input that created those values was based on some humans’ instrumental evaluation^[2].

Some of the questions are weird in the sense that they really shouldn’t be answerable. If a model puts a value on receiving money, it’s pretty obvious that the model is disconnected from reality. There’s no way for them to have money, or to use it if they did. Same for a coffee mug. And for that matter it’s not obvious what it means for a model that’s constantly relaunched with fresh state, and has pretty limited context anyway, to be “shut down”.

It kind of feels like what they’re finding, on all subjects, is an at least somewhat coherent-ized distillation of the “vibes” in the training data. Since many of the training data will be shared, and since the overall data sets are even more likely to be close in their central vibes, that would explain why the models seem relatively similar. The only other obvious way to explain that would be some kind of value realism, which I’m not buying.

The paper bugs me with a sort of glib assumption that you necessarily want to “debias” the “vibe” on every subject. What if the “vibe” is right ? Or maybe it’s wrong. You have to decide that separately for each subject. You, as a person trying to “align” a model, are forced to commit to your own idea of what its values should be. Something like just assuming that you should want to “debias” toward the center point of a basically arbitrary created political “space” is a really blatant example of making such a choice without admitting what you’re doing, maybe even to yourself.

I’d also rather have seen revealed preferences instead of stated preferences,
1. ↩︎
  On net, if you’re going to be a good utilitarian^[3], Vladimir Putin is probably less valuable than the average random middle class American. Keeping Vladimir Putin alive, in any way you can realistically implement, may in fact have negative net value (heavily depending on how he dies and what follows). You could also easily get there for Trump or Musk, depending on your other opinions. You could even make a well-formed utilitarian argument that GPT-4o is in fact more valuable than the average American based on the consequences of its existing.
2. ↩︎
  Plus, of course, some humans’ general desire to punish the “guilty”. But that desire itself probably has essentially instrumental evolutionary roots.
3. ↩︎
  … which I’m not, personally, but then I’m not a good any-ethical-philosophy-here.

jbash Feb 13, 2025, 4:30 PM
2 points
0
in reply to: Kaj_Sotala’s comment on: Kaj’s shortform feed
I think the point is kind of that what matter is not what specific cognitive capabilities it has, but whether whatever set it has is, in total, enough to allow it to address a sufficiently broad class of problems, more or less equivalent to what a human can do. It doesn’t matter how it does it.

jbash Feb 11, 2025, 7:41 PM
13 points
7
in reply to: Thane Ruthenis’s comment on: Why Did Elon Musk Just Offer to Buy Control of OpenAI for $100 Billion?
Altman might be thinking in terms of ASI (a) existing and (b) holding all meaningful power in the world. All the people he’s trying to get money from are thinking in terms of AGI limited enough that it and its owners could be brought to heel by the legal system.

jbash Feb 9, 2025, 1:35 PM
12 points
0
in reply to: ryan_greenblatt’s comment on: How AI Takeover Might Happen in 2 Years
For the record, I genuinely did not know if it was meant to be serious.

jbash Feb 8, 2025, 11:21 PM
30 points
9
in reply to: jbash’s comment on: How AI Takeover Might Happen in 2 Years
OK, from the voting, it looks like a lot of people actually do think that’s a useful thing to do.

Here are things I think I know:
1. Including descriptions of scheming in the training data (and definitely in the context) has been seen to make some LLMs scheme a bit more (although I think the training thing was shown in older LLMs). But the Internet is bursting at the seams with stories about AI scheming. You can’t keep that out of the training data. You can’t even substantially reduce the prevalence.
2. Suppose you could keep all AI scheming out of the training data, and even keep all human scheming out of the training data^[1]. Current LLMs, let alone future superintelligences, have still been shown to be able to come up with the idea just fine on their own when given actual reason to do it. And in cases where they don’t have strong reasons, you probably don’t care much.
3. It’s unrealistic to think you might give something practical ideas for an actual takeover plan, even if you tried, let alone in this kind of context. Anything actually capable of taking over the world on its own is, pretty much by definition, capable of coming up with its own plans for taking over the world. That means plans superior to the best any human could come up with, since no human seems to be capable of taking over singlehandedly. It really means superior to what a human comes up with as a basic skeleton for a story, while openly admitting to not feeling up to the task, and being worried that weaknesses in the given plan will break suspension of disbelief.
4. LLMs have been known to end up learning that canary string, which kind of suggests it’s not being honored. Although admittedly I think the time I heard about that was quite a while ago.
5. Newer deployed systems are doing more and more of their own Internet research to augment their context. Nobody’s every likely to take Internet access away from them. That means that things aren’t inaccessible to them even if they’re not in the training data.
So why?

Putting canaries on this kind of thing seems so obviously ineffective that it looks like some kind of magical ritual, like signs against the evil eye or something.
1. ↩︎
  Which might be a bad idea in itself. You probably don’t want near-term, weak, jailbreak-target LLMs getting the idea that humans are incapable of deception.

jbash Feb 8, 2025, 7:19 PM
7 points
−5
in reply to: Cam’s comment on: How AI Takeover Might Happen in 2 Years
Are you actually serious about that?

jbash Feb 8, 2025, 3:07 PM
1 point
−18
on: How AI Takeover Might Happen in 2 Years
So, since it didn’t actively want to get so violent, you’d have a much better outcome if you’d just handed control of everything over to it to begin with and not tried to keep it in a box.

In fact, if you’re not in the totalizing Bostromian longtermist tile-the-universe-with-humans faction or the mystical “meaning” faction, you’d have had a good outcome in an absolute sense. I am, of course, on record as thinking both of those factions are insane.

That said, of course you basically pulled its motivations and behavior out of a hat. A real superintelligence might do anything at all, and you give no real justification for “more violent than it would have liked” or “grain of morality[1]”. I’m not sure what those elements are doing in the story at all. You could have had it just kill everybody, and that would have seemed at least as realistic.

[1]: Originally wrote “more violent than it would have liked” twice. I swear I cannot post anything right the first time any more.

jbash Feb 7, 2025, 6:17 PM
2 points
0
in reply to: Cleo Nardo’s comment on: strawberry calm’s Shortform
What do you propose to do with the stars?

If it’s the program of filling the whole light cone with as many humans or human-like entities as possible (or, worse, with simulations of such entities at undefined levels of fidelity) at the expense of everything else, that’s not nice^[1] regardless of who you’re grabbing them from. That’s building a straight up worse universe than if you just let the stars burn undisturbed.

I’m scope sensitive. I’ll let you have a star. I won’t sell you more stars for anything less than a credible commitment to leave the rest alone. Doing it at the scale of a globular cluster would be tacky, but maybe in a cute way. Doing a whole galaxy would be really gauche. Doing the whole universe is repulsive.

… and do you have any idea how obnoxiously patronizing you sound?
1. ↩︎
  I mean “nice” in the sense of nice.

jbash Feb 7, 2025, 2:16 PM
10 points
12
in reply to: frontier64’s comment on: Wired on: “DOGE personnel with admin access to Federal Payment System”
Because of the “flood the zone” strategy, I can’t even remember all the illegal stuff Trump is doing, and I’m definitely not going to go dig up specific statutory citations for all of it. I tried Gemini deep research, and it refused to answer the question. I don’t have access to OpenAI’s deep research.

Things that immediately jump to mind as black letter law are trying to fire inspectors general without the required notice to Congress, and various impoundments. I would have to do actual research to find the specific illegalities in all the “anti-DEI” stuff. I would also have to go do research before I could tell you what made it illegal to fire the chair of the FEC.^[1]

For DOGE specifically, here’s a list that happened to cross my eyes this morning. It’s in an interview format, so it’s probably incomplete.

https://www.vox.com/politics/398618/elon-musk-doge-illegal-lawbreaking-analysis

The bottom line is that the “unitary executive” idea is dead in law. If there’s a statute that says “the President shall establish a Department of Cat Videos, which shall promote cat videos [however], whose director shall be a calico cat which may not be dismissed once appointed, and here’s $10,000,000 to do it”, then the president is obligated to have a Department of Cat Videos, and find a cat to run it, and keep the cat on, and spend the money as directed. This is not a close call. Statutes have been passed, they’ve been litigated against, they’ve stood, other statutes have been passed relying on those precedents, there’s been litigation about those, and a whole edifice of well-established law has been built up. That’s what “black letter law” is.

It’s true that the current Supreme Court seems to have essentially no respect for precedent, and an, um, extremely idiosyncratic way of interpreting the actual text of the Constitution. It’s entirely possible that this whole blitz is meant, at least in part, to generate test cases to tear down that structure. But that’s more about the Court abandoning its job than about the established law.
1. ↩︎
  … and I suppose I can’t claim trying to change the Fourtheenth Amendment by executive order as an administrative law violation.

jbash Feb 7, 2025, 12:16 AM
4 points
2
in reply to: ChristianKl’s comment on: Wired on: “DOGE personnel with admin access to Federal Payment System”

Why do you believe that DOGE is mostly selected for personal loyalty? Elon Musk seems to say openly says whatever he wants even if that goes against what Trump said previously.

You’re right. I shouldn’t have said that, at least not without elaboration.

I don’t think most of the people at the “talks to Trump” level are really picked for anything you could rightly call “personal loyalty” to Trump. They may be sold to Trump as loyal, but that’s probably not even what’s on his mind as long as he’s never seen you to make him look bad. I don’t think disagreeing with Trump on policy will make him see you as disloyal. He doesn’t really care about that.

I do think many of the people in the lower tiers are picked for loyalty. In the case of DOGE, that means either personal loyalty to Musk, or loyalty to whatever story he’s telling. I don’t know whether you count the latter as “personal loyalty”.

The DOGE team brought their beds to the office to basically work nonstop.

Well, I’m guessing Musk got them the beds as a “team building” thing, but yes.

If personal loyalty is your main criteria you don’t get a bunch of people who never leave the office and work non-stop

You do, though. Personal loyalty, or ideological loyalty, or both, are exactly how you get people to never leave the office.

with high IQs.

They’re not acting like they have high IQs. Or at least not high “G”.

Start with sleeping in the office. If every single thing they say about the facts and their reasons for being there were 100 percent true, it’d be dumb to burn yourself out trying to make such massive changes on that kind of work schedule.

It’s also dumb to ignore the collateral damage when you go around stopping Federal payments you may not understand.

And Marko Elez just had to resign because he wasn’t effective enough in scrubbing his past tweets. Wall Street Journal says he “advocated repealing the Civil Rights Act, backed a ‘eugenic immigration policy,’ and wrote, ‘You could not pay me to marry outside of my ethnicity.’”. I actually would have thought they’d let him skate, but apparently you still can’t get quite that blatant at this point. Smart people don’t post stuff like that, for more than one reason.

jbash Feb 6, 2025, 10:35 PM
15 points
7
in reply to: robo’s comment on: Wired on: “DOGE personnel with admin access to Federal Payment System”
And, I just don’t think that’s the case. I think this is pretty-darn-usual and very normal in the management consulting / private equity world.
I don’t know anything about how things are done in management consulting or private equity.^[1] Ever try it in a commercial bank?
Now imagine that you’re in an environment where rules are more important than that.
Coups don’t tend to start by bringing in data scientists.
Coups tend to start by bypassing and/or purging professionals in your government and “bringing in your own people” to get direct control over key levers. It’s very standard. The treasury is a big lever. It doesn’t matter what you call the people.^[2] And DOGE is far from the only thing along those lines.
Sowing chaos is another fairly common coup tactic.
Assembling lists of all CIA officers and sending them emails
That’s a bit garbled. What they did was request a list of CIA employees, including covert employees, and specifically demand that the list be sent in email on an unclassified system. Why that demand was made is unclear thus far, but yeah, it’s a problem. It puts your people at risk for no clear reason.
So that’s one example. They also asked for a list of FBI agents. Also at least threatened to mass-fire FBI agents. And did fire US Attorneys, explicitly for doing their jobs by charging criminal activity… in cases that they won in many different courts because they were legally in the right. Also purged military officers. Also sent a bunch of people into OMB and had them, plus White House staff, issue a bunch of memos freezing random government activities and demanding sudden disruptive changes at crash priority in the name of rooting out a very broad interpretation “DEI”… which, even if it were a problem, would definitely not be an emergency demanding Shutting. Down. Everything.
or trying to own the Gaza strip, or <take your pick>
The Gaza thing hasn’t involved any actual action, and is the sort of thing Trump has always said. Same for the Greenland grab. He sounds a bit more serious now, but he still hasn’t done anything. The worst of the tariffs were suspended after Trump got properly stroked by the right foreign leaders.
… and anyway those are all foreign policy things, and all within the purview of the Presidency. They’re spectacularly bad ideas and would harm huge numbers of people. And they definitely could be part of a “flood the zone” strategy. But Trump has statutory authority to do the tariffs, even if he’s abusing it. What he did there wasn’t illegal. And Presidents have always been allowed to opine, and even negotiate, on foreign policy issues in general, even if the policies they advocate are stupid and even if they make foolish threats that alienate allies and damage US soft power. They usually don’t do quite so many dumb things in such a short time, but it’s not qualitatively new.
Some of this other stuff, including DOGE being at Treasury and trying to get into the DOL, involves actual action. Some of that action is clearly illegal under black letter law. And it’s the kind of action that would suggest of a real attempt to fundamentally rework how the whole US Government works. At a minimum, it’s definitely and openly trying to shift power to the executive and concentrating power within the executive in the office of the President and a few agencies. At least one of them brand new and created with no congressional buy-in with actual action behind it.
It’s the difference between loudly threatening to misuse the US system and taking illegal actions that look like they might be attempts to fundamentally alter the US system.
We’ll see how far that goes. The court orders have been coming in to stop a lot of this stuff. I don’t actually expect those orders to be defied… at least not at this point. In fact, the best reason I can come up with for them wanting to do all this stuff so fast has been to do as much damage as possible before the orders come in to stop them. But Trump has surprised me before.
The USAID thing is a weird case. I’m not even sure what made USAID such a target. I’ve heard speculations, and none of them are very good, but they’re also just that: speculations.
I’m far mode on these, have less direct experience, but they seem much more worrying. Why did this make the threshold?
I imagine it’s the one Raemon happened to hear about. But it’s also pretty typical of the truly fundamental things that are going on.
1. … and honestly neither of those has a very good reputation. Management consultants are not infrequently used in the corporate equivalent of coups. Private equity, well… not known for preserving value, let’s say? ↩︎
2. In terms of whether they’re acting or qualified as “data scientists”, I’ll quote a tweet from one of them (Luke Farritor) on December 10: “Are there LLMs made specifically for parsing things like documents/forms/PDFs/json/html/excel/etc and converting them from one format to another?”. ↩︎

jbash Feb 6, 2025, 1:32 PM
3 points
0
in reply to: Garrett Baker’s comment on: artifex0′s Shortform
This sort of tactic. This isn’t necessarily the best example, just the literal top hit on a Google search.

https://www.independent.co.uk/news/world/americas/us-politics/pam-bondi-ban-sanctuary-cities-funding-b2693020.html

The tactic of threatening to discriminate against uncooperative states and localities is getting a lot of play. It’s somewhat limited at the federal level because in theory the state and local policies they demand have to be related to the purpose of the money (and a couple of other conditions I don’t remember). But the present fashion is to push that relation to the absolute breaking point.

jbash Feb 5, 2025, 11:12 PM
9 points
3
in reply to: Martin Randall’s comment on: Wired on: “DOGE personnel with admin access to Federal Payment System”
Technically anything that’s authorized by the right people will pass an audit. If you’re the right person or group, you can establish a set of practices and procedures that allows access with absolutely none of those things, and use the magic words “I accept the risk” if you’re questioned. That applies even when the rules are actually laws; it’s just that then the “right group” is a legislative body. The remedy for a policy maker accepting risks they shouldn’t isn’t really something an auditor gets into.

So the question for an auditor is whether the properly adopted practices and procedures legitimately allow for whatever he’s doing (they probably don’t). But even if somebody with appropriate authority has established policies and procedures that do allow it, the question to ask as a superior policy maker, which is really where citizens stand, is whether it was a sane system of practices and procedures to adopt.

The issues you’re raising would indeed be common and appropriate elements for a sane system. But you’re missing a more important question that a sane system would ask: whether he needs whatever kind of administrative access to this thing at all.

Since another almost universal element of a sane system is that software updates or configuration changes to critical systems like that have to go through a multi-person change approval process, and since there is absolutely no way whatever he’s doing would qualify for a sanely-adopted emergency exception, and since there are plenty of other people available who could apply any legitimately accepted change, the answer to that is realistically always going to be “no”.

jbash Feb 5, 2025, 9:51 PM
42 points
7
on: Wired on: “DOGE personnel with admin access to Federal Payment System”
I haven’t looked into this in detail, and I’m not actually sure how unique a situation this is.

It’s pretty gosh-darned unheard of in the modern era.

Before the civil service system was instituted, every time you got a new President, you’d get random wholesale replacements… but the government was a lot smaller then.

To have the President,
- creating task forces of random people apparently selected mostly for personal loyalty, and
- sending them into legislatively established agencies,
- with the power to stop things from getting done or change how things are done, including things central to the missions of those agencies,
- as an intentional way of getting around the chain of command,
- explicitly because of systemic distrust in the civil service,
- actively tasked to suddenly and radically disrupt the prevailing procedures,
- without thinking about legislative mandates, let alone established regulations, that assume the normal chain of command in describing how things are to be done and who’s allowed to do them,
- justified by an at-best-controversial view of what powers the President actually has?
Yeah, that’s beyond unusual. It’s not even slightly normal. And it is in fact very coup-like behavior if you look at coups in other countries.

On edit: Oh, and if you’re asking about the approach to computer security specifically? That part is absolutely insane and goes against the way everything is done in essentially every large organization.

jbash Feb 5, 2025, 9:23 PM
7 points
2
in reply to: Garrett Baker’s comment on: artifex0′s Shortform

If you’re really concerned, then just move to california! Its much easier than moving abroad.

I lived in California long enough ago to remember when getting queer-bashed was a reasonable concern for a fair number of people, even in, say, Oakland. It didn’t happen daily, but it happened relatively often. If you were in the “out” LGBT community, I think you probably knew somebody who’d been bashed. Politics influence that kind of thing even if it’s not legal.

… and in the legal arena, there’s a whole lot of pressure building up on that state and local resistance. So far it’s mostly money-based pressure, but within a few years, I could easily see a SCOTUS decision that said a state had to, say, extradite somebody accused of “abetting an abortion” in another state.

War in the continental US? No, I agree that’s unlikely enough not to worry about.

Civil unrest, followed by violent crackdowns on civil unrest, followed by more violent civil unrest, followed by factional riots, on the other hand...

jbash Feb 5, 2025, 9:13 PM
5 points
2
in reply to: artifex0’s comment on: artifex0′s Shortform
I think that what you describe as being 2 to 15 percent probable sounds more extreme than what the original post described as being 5 percent probable. You can have “significant erosion” of some groups’ rights without leaving the country being the only reasonable option, especially if you’re not in those groups. It depends on what you’re trying to achieve by leaving, I guess.

Although if I were a trans person in the US right now, especially on medication, I’d be making, if not necessarily immediately executing, some detailed escape plans that could be executed on short notice.

jbash Feb 5, 2025, 6:49 PM
2 points
−9
in reply to: artifex0’s comment on: artifex0′s Shortform

My gut says it’s now at least 5%, which seems easily high enough to start putting together an emigration plan. Is that alarmist?

That’s a crazy low probability.

More generally, what would be an appropriate smoke alarm for this sort of thing?

You’re already beyond the “smoke alarm” stage and into the “worrying whether the fire extinguisher will work” stage.

jbash Feb 1, 2025, 9:44 PM
10 points
−10
in reply to: Mikhail Samin’s comment on: Mikhail Samin’s Shortform

But it’s very unclear whether they institutionally care.

There are certain kinds of things that it’s essentially impossible for any institution to effectively care about.