= 27d567bc2d48d9f40e9ccc20ea370b15)
Seems like your usual 'independently verify everything the AI says' concept, only way more restrictive.
Meetup : NLP for large scale sentiment detection
Discussion article for the meetup : NLP for large scale sentiment detection
https://www.facebook.com/events/1243291579035965/
Our speaker is Alon Rozental, Lead Data Scientist at Amobee.
The talk:
Sentiment analysis is about the modest task of taking a text and figuring out what it's positive or negative about. Turns out it's rather hard. This talk will discuss one approach to the problem, which issues it tackles (like millions sentences per day and high level negation), where it falls flat, plans to improve the process and how the heck do you deal with an emoticon of a dolphin or and eggplant.
Meeting each other to chat at 19:00, presentation at 19:30
Amobee, Menachem Begin 125, Floor 36, Tel Aviv
Discussion article for the meetup : NLP for large scale sentiment detection
Meetup : Quantum Homeschooling
Discussion article for the meetup : Quantum Homeschooling
This time we have two talks:
Louise Fox will talk about homeschooling in Israel.
Zvi Schreiber will talk about interpretations of quantum mechanics.
It will be at Google Campus, 34th floor, and not the Google lecture hall where we have been meeting until recently.
You can call Joshua at 0545691165 if you have a hard time finding us.
Please RSVP at the Facebook Event https://www.facebook.com/events/1560682680921315/
Discussion article for the meetup : Quantum Homeschooling
MIRIx Israel, Meeting summary
Aur Saraf hosted a 3-hour MIRIx meeting on December 18. Yoav Hollander, chip verification pioneer and creator of the e verification language, was there, as well as MIRI Research Associate Vadim Kosoy. Also in attendance were Benjamin Fox, Ofer Mustigman, Matan Mor, Aur Saraf, Eli Sennesh, and Joshua Fox.
Our discussion had its roots in Eliezer Yudkowsky’s 2008 article, in which he suggested that FAI researchers take an example from “computer engineers prov[ing] a chip valid”. Yet, as Yoav pointed out (in a lecture at LessWrong Tel Aviv in October 2015), there are strong limitations on formal verification at all levels, from the smallest arithmetic component on a chip up to entire systems like an airport. Even something as simple as floating-point division can barely be proven formally; as we move up to higher levels of complexity, any formal proofs always rest on very tightly constrained specifications on the input and environment. It is impossible to prove even a tiny part of the full range of relevant predicates.
Formal verification has a role, but most verification is done dynamically, for example by running a simulation against test cases. The goal of this meeting was to come up with a list of directions for applying ideas from the verification world to FAI research.
The state of FAI research
Vadim Kosoy described the state of the art in FAI research, catching us up on the last few years of MIRI’s work. FAI research can be divided into three levels: Modules, optimization under self improvement, and the selection of a human-compatible goal function.
I. Most basically, we can verify lower level modules that can make up an AGI.
II. Second -- and this is most of the research effort -- we can make sure that future AIs optimize for a given implicit human-compatible goal function, even as they grow in strength.
MIRI is focused on accomplishing this with verifiable goal preservation under self-improvement. Some other ideas include:
- Agents that are deliberately kept weak.
- Limited intelligence AIs evaluated on their mathematical ability, but with no knowledge of physics or our real world. (Such AIs might not be strong in induction given real-world physics, but at least this evaluation procedure might allow the relatively safe development of a certain kind of AI.)
- AIs locked in cryptographic boxes. They run with homomorphic encryption that prevents any side effects of their computation from being revealed to the outside world: Only their defined output can reach us.
Such an AI could still accomplish a lot, while keeping potentially dangerous information from us. As an illustration, you might ask it to prove the Riemann Hypothesis, also passing in a proof verifier. Operating under the protection of homomorphic encryption, the AI might find a proof for the Riemann Hypothesis and feeds it to the proof verifier. It outputs a single bit “Yes, there is a proof to the Riemann Hypothesis,” but it never shows us the proof.
- Negative utility for any act of self-analysis.
- Corrigibility: Ensuring that the AI will allow us to turn it off if we so wish, typically by carefully defining its utility function.
III. The third area of FAI research is in choosing a goal function that matches human values, or, less ambitiously, a function that has some characteristics that match human values.
Verification for Autonomous Robots
Yoav Hollander asked to focus on autonomous robots like drones and self-driving cars, given the extreme difficulties in verification for AGIs--while fully recognizing the different natures of the challenges.
The state of the art in validating safety for these systems is pretty basic. There is some work on formal verification of some aspects of autonomous robots (e.g. here), and some initial work on dynamic, coverage-driven verification (e.g. here). The most advanced work in autonomous vehicle verification consists of dynamic verification of the entire software stack on automatically generated scenarios. These scenarios are based on recordings of video, LIDAR and other sensors taken while driving real roads; interesting events like pedestrians jumping on the road are superimposed on these.
An important model for robot behavior is “Belief, Desire, Intention” (BDI), which is expressed in the AgentSpeak language (among others). The Jason Java-based interpreter (among others) then execute these behavioral models.
We can connect the three areas of FAI research (above) to the work of autonomous robot engineers:
-
Analyzing the modules is a good idea, though figuring out what the modules would be in an FAI is not easy..
-
Optimizing goal functions according to our true intentions--Do What I Mean--is relevant for autonomous robots just as it would be for an AGI.
-
Choosing a utility function looks a bit more difficult if we don't have the AI-under-test to output even a half-page description of its preferences that humans would read. There is no clear way to identify unexpected perversities fully automatically, even in the limited autonomous robots of today.
Safety Tools for AI Development
Aur Saraf suggested a software tool that checks a proposed utility function for ten simple perversities. Researchers are urged to run it before pressing the Big Red Button.
After a few runs, the researcher would start to abandon their facile assumptions about the safety of their AI. For example, the researcher runs it and learns that “Your AI would have turned us all into paperclips”. The researcher fixes the problem, runs the tool and learns “Your improved AI would have cryogenically frozen all us.” Again, the researcher fixes the AI and runs the tool, which answers “Your twice-fixed AI would have turned the universe into a huge blob of molten gold.” At this point, maybe they would start realizing the danger.
If we can create an industry-standard “JUnit for AGI testing,” we can then distribute safety testing as part of this AGI. The real danger in AGI, as Vadim pointed out, is that a developer has a light finger on the Run button while developing the AI. (“Let’s just run it for a few minutes, see what happens") A generic test harness for AGI testing, which achieves widespread distribution and might be a bother for others to reimplement, could then be a platform for ensuring much more awareness and care about safety among AI developers, as per the “perversity checker” mentioned by Aur.
________
Notes:
-
Here is Yoav’s summary of his opinions on this, as formed after the meeting.
-
Thanks to Aur Saraf for the notes on which this is based and to other participants for comments. Any flaws are mine.
Meetup : Biases and making better decisions
Discussion article for the meetup : Biases and making better decisions
We're going to have a meetup on Tuesday, Sep. 1, at Google Tel Aviv offices, Electra Tower, 98 Yigal Alon St., Tel Aviv.
Yonatan Cale will discuss 2 topics in today's lecture: - Biases: The cognitive mistakes we have as humans. Noticing and overcoming our biases is one of the core topics of LessWrong. - Decision making: A new method designed to let us make better decisions, easily, to advance our own goals.
We'll meet at the 29th floor of the building (not the one with Google Campus) at 19:00. If you arrive and can't find your way around, call Anatoly who's hosting us at 054-245-1060 or Joshua Fox at 0545691165.
If you have FB, please click "Join" at the FB page so we can get a sense of attendance. https://www.facebook.com/events/109945732685336/
Discussion article for the meetup : Biases and making better decisions
Sure, but to "independently verify" the output of an entity smarter than you is generally impossible. This makes it possible, while also limiting the potential of the boxed AI to choose its answers.
In response to
Gatekeeper variation
Objection 1 seems really strong. The kinds of problems that AGI would be better at than non-general-intelligences are those with ambiguity. If it was just a constraint-solver, it wouldn't be a threat in the first place.
Similarly, with such a restricted output channel, there's little-to-no point in making it have agency to begin with. We're deep in 'tool AI' territory. The incentives to leave this territory would remain.
Thanks. Those points are correct. Is there any particular weakness or strength to this UP-idea in contrast to Oracle, tool-AI, or Gatekeeper ideas?
Gatekeeper variation
A new variation on the Gatekeeper idea, thanks to Zvi Schreiber.
We block all but one IO channel for our AGI.
We create a formally verified proof-verification system as a gatekeeper. We pass the Gatekeeper a decision problem with a formal proof that it is in the complexity class UP ("Unambiguous Non-deterministic Polynomial-time"). The Gatekeeper verifies the proof, and passes the decision problem to the AGI. If the AGI provides an answer, the Gatekeeper validates that this is the unique valid answer (which it can do in polynomial time) and if so it passes the answer to us.
The advantage of this approach over one-bit and other Oracles is that the AI can do some useful problem solving with zero discretion as to the data it communicates. It can either give the unique answer or no answer at all. Such a gatekeeper is feasible with today's technology.
To keep the AGI from communicating by choosing the timing of its answer, the Gatekeeper always communicates the answer (or the fact that there it is not yet one from the AGI) after exactly 1 hour.
(The idea of restricting an Oracle AI to choosing from predetermined list of verifiable answers has been mentioned, but I don't remember anyone adding this formalism.)
The usual caveats on Oracles apply. Like other Oracles, this is a stopgap rather than a solution to the FAI problem.
- The laws of physics still give the AGI a causal link to its environment, even if it is in a Faraday cage.
- Even a one-bit Oracle AI can exert optimization power when asked multiple questions.
- Answers aren't enough to ensure safety: We may be asking the wrong questions or not understanding the implications of the answers.
Objections specific to this idea:
- Only certain problems can be fed to the AGI, and perhaps not the relevant ones. However, UP includes integer factorization and other interesting problems, suggesting that this could be a useful tool.
- This idea does not say that the AGI has figured out how to do all UP in polynomial time, just that it has figured out fast solutions for a larger subset of UP than humans have. So the additional optimization power exerted by the AGI may not be very large.
Meetup : Logical Counterfactuals, Tel Aviv
Discussion article for the meetup : Logical Counterfactuals, Tel Aviv
Vladimir Slepnev, who is visiting Tel Aviv, will be giving a talk on logical counterfactuals. We'll meet at 19.00 on Tuesday, August 4 Google, 98 Yigal Alon Street, Tel Aviv, 29th floor (not the Google Campus Floor). We will then move to another room. Vladimir has done advanced research, together with MIRI, on reflective decision theory and related topics. You can read some of his work at cousin_it on LessWrong and under his own name at Intelligent Agent Foundations. If you have Facebook, please confirm at the FB Event so we can get a sense of the number of attendees https://www.facebook.com/events/108233322857656/
Discussion article for the meetup : Logical Counterfactuals, Tel Aviv
The only one I can think of (though I can't find the specific article) is Goertzel's description of an architecture where the guardian component is separate from the main AGI
You're probably thinking of GOLEM. The Gödel machine is another proposal along somewhat similar lines.
Some discussions more directly related to your suggestion could be:
- Roman Yampolskiy's proposal for "safe questions"
Our proposed protocol is based on the idea of asking what we will call ‘safe questions’ with restricted answers. We define a safe question as one for which a human being could find an answer without any help from superintelligence, all on his own merit. Why is this useful? Suppose that a scientist working on a cure for cancer is looking at two potential cures. Each one could be developed and tested without assistance from the AI, but would take about 3 years of hard work each. Which one to try first if the scientist believes that they have about an equal chance of working? If a wrong option is chosen to be tested first, humanity will still obtain a cure for cancer but it will happen 3 years later. What if we could ask the AI to suggest which option to try first? [...]
To make sure that a potential question is safe, a group of experts could be used to review it. The experts should all be trained AI safety engineers, meaning that they are familiar with the design of the AI and its confinement environment as well as the latest developments in machine ethics (Allen et al., 2006; Anderson & Anderson, 2007; Hall, 2000; Moor, 2006; Tonkens, 2009). Experts may also need to be trained in computer psychology a currently non-existent profession which might become a reality in the future (Epstein, 1997). [...]
The limited outbound channel shell consist of binary (0 or 1) answers next to original unmodified safe questions presented by the intermediary non-intelligent software in random order as to avoid communication via covert timing or resource channels which make steganography possible. The output should in no way be controllable by the AI, outside of the multiple choice menu.
- "Thinking inside the box" (section 3.1.) also has some discussion about restricting an AGI's outputs to be safe by selecting the questions to be asked appropriately. There was also some discussion along these lines in the beginning of chap. 10 of Superintelligence, e.g., running multiple copies of different Oracles and comparing their answers with each other to avoid deception - "the answers of the different oracles have to match each other" could be a simple and formally definable criteria.
Thank you, Kaj. Those references are what I was looking for.
It looks like there might be a somewhat new idea here. Previous suggestions, as you mention, restrict output to a single bit; or require review by human experts. Using multiple AGI oracles to check each other is a good one, though I'd worry about acausal coordination between by the AGIs, and I don't see that the safety is provable beyond checking that answers match.
This new variant gives the benefit of provable restrictions and the relative ease of implementing a narrow-AI proof system to check it. It's certainly not the full solution to the FAI problem, but it's a good addition to our lineup of partial or short-term solutions in the area of AI Boxing and Oracle AI.
I'll get this feedback to the originator of this idea and see what can be made of it.
View more: Next
= b715d02e85f7b3b4ae65ca3d3e450868)
Subscribe to RSS Feed
= f037147d6e6c911a85753b9abdedda8d){kind=logo}
This wont work, like with all other similar schemes, because you can't "prove" the gatekeeper down to the quark level of what makes its hardware (so you're vulnerable to some kind of side-attack, like the memory bit flipping attack that was spoken about recently), nor shield the AI from being able to communicate through side channels (like, varying the temperature of its internal processing unit which it turns will influence the air conditioning system, ...).
And that's not even considering that the AI could actually discover new physics (new particles, ...) and have some ability to manipulate them with its own hardware.
This whole class of approach can't work, because there are just too many ways for side-attacks and side-channels of communication, and you can't formally prove none of them are available, without going down to making proof over the whole (AI + gatekeeper + power generator + air conditioner + ...) down at Schrödinger equation level.
You're quite right--these are among the standard objections for boxing, as mentioned in the post. However, AI boxing may have value as a stopgap in an early stage, so I'm wondering about the idea's value in that context.