All of eggsyntax's Comments + Replies

Let’s jump straight to the obvious problem - such a program is absurdly expensive. Chugging the basic numbers: $12k per person, with roughly 330 million Americans, is $3.96 trillion per year. The federal budget is currently $6.1 trillion per year. So a UBI would immediately increase the entire federal budget by ~40%.

I find this a misleading framing. Here's a trivial form of UBI: raise everyone's taxes by $12k/year, then give everyone a $12k UBI. That's entirely revenue-neutral. It's guaranteed that everyone can afford the extra taxes, by putting their UBI ... (read more)

Complex and ambivalent views seem like the correct sort of views for governments to hold at this point.

I don't speak Chinese, so I Google-translated the essay to skim/read it.

I also don't speak Chinese, but my impression is that machine translations of high-context languages like Chinese need to be approached with considerable caution -- a lot of context on (eg) past guidance from the CCP may be needed to interpret what they're saying there. I'm only ~70% on that, though, happy to be corrected by someone more knowledgeable on the subject.

Very cool work!

The deception is natural because it follows from a prompt explaining the game rules and objectives, as opposed to explicitly demanding the LLM lie or putting it under conditional situations. Here are the prompts, which just state the objective of the agent.

Also, the safety techniques we evaluated might work for superficial reasons rather than substantive ones (such as just predicting based on the model's internalization of the tokens "crewmate" and "impostor")...we think this is a good proxy for agents in the future naturally realizing

Right, yeah. But you could also frame it the opposite way

Ha, very fair point!

Kinda Contra Kaj on LLM Scaling

I didn't see Kaj Sotala's "Surprising LLM reasoning failures make me think we still need qualitative breakthroughs for AGI" until yesterday, or I would have replied sooner. I wrote a reply last night and today, which got long enough that I considered making it a post, but I feel like I've said enough top-level things on the topic until I have data to share (within about a month hopefully!).

But if anyone's interested to see my current thinking on the topic, here it is.

I think that there's an important difference between the claim I'm making and the kinds of claims that Marcus has been making.

I definitely didn't mean to sound like I was comparing your claims to Marcus's! I didn't take your claims that way at all (and in particular you were very clear that you weren't putting any long-term weight on those particular cases). I'm just saying that I think our awareness of the outside view should be relatively strong in this area, because the trail of past predictions about the limits of LLMs is strewn with an unusually large... (read more)

Great post, thanks! I think your view is plausible, but that we should also be pretty uncertain.

Surprising LLM reasoning failures make me think we still need qualitative breakthroughs for AGI

This has been one of my central research focuses over the past nine months or so. I very much agree that these failures should be surprising, and that understanding why is important, especially given this issue's implications for AGI timelines. I have a few thoughts on your take (for more detail on my overall view here, see the footnoted posts^[1]):

• It's very difficult t

An obvious first idea is to switch between 4.1 and 4o in the chat interface and see if the phenomenon we've been investigating occurs for both of them

Oh, switching models is a great idea. No access to 4.1 in the chat interface (apparently it's API-only, at least for now). And as far as I know, 4o is the only released model with native image generation.

• 4o -> 4.5: success (in describing the image correctly)
• 4o -> o4-mini-high ('great at visual reasoning'): success

o4-mini-high's reasoning summary was interesting (bolding mine):

The user wants me to identi

Interesting, my experience is roughly the opposite re Claude-3.7 vs the GPTs (no comment on Gemini, I've used it much less so far). Claude is my main workhorse; good at writing, good at coding, good at helping think things through. Anecdote: I had an interesting mini-research case yesterday ('What has Trump II done that liberals are likely to be happiest about?') where Claude did well albeit with some repetition and both o3 and o4-mini flopped. o3 was initially very skeptical that there was a second Trump term at all.

Hard to say if that's different prompti... (read more)

Aha! Whereas I just asked for descriptions (same link, invalidating the previous request) and it got every detail correct (describing the koala as hugging the globe seems a bit iffy, but not that unreasonable).

So that's pretty clear evidence that there's something preserved in the chat for me but not for you, and it seems fairly conclusive that for you it's not really parsing the image.

Which at least suggests internal state being preserved (Coconut-style or otherwise) but not being exposed to others. Hardly conclusive, though.

Really interesting, thanks for... (read more)

Oh, I see why; when you add more to a chat and then click "share" again, it doesn't actually create a new link; it just changes which version the existing link points to. Sorry about that! (also @Rauno Arike)

So the way to test this is to create an image and only share that link, prior to asking for a description.

Just as recap, the key thing I'm curious about is whether, if someone else asks for a description of the image, the description they get will be inaccurate (which seemed to be the case when @brambleboy tried it above).

So here's another test image (... (read more)

Snippet from a discussion I was having with someone about whether current AI is net bad. Reproducing here because it's something I've been meaning to articulate publicly for a while.

[Them] I'd worry that as it becomes cheaper that OpenAI, other enterprises and consumers just find new ways to use more of it. I think that ends up displacing more sustainable and healthier ways of interfacing with the world.

[Me] Sure, absolutely, Jevons paradox. I guess the question for me is whether that use is worth it, both to the users and in terms of negative externalitie

The running theory is that that's the call to a content checker. Note the content in the message coming back from what's ostensibly the image model:

"content": {
    "content_type": "text",
    "parts": [
        "GPT-4o returned 1 images. From now on do not say or show ANYTHING. Please end this turn now. I repeat: ..."
    ]
}

That certainly doesn't seem to be either image data or an image filename, or mention an image attachment.

But of course much of this is just guesswork, and I don't have high confidence in any of it. 

I've now done some investigation of browser traffic (using Firefox's developer tools), and the following happens repeatedly during image generation:

1. A call to https://chatgpt.com/backend-api/conversation/<hash1>/attachment/file_<hash2>/download (this is the same endpoint that fetches text responses), which returns a download URL of the form https://sdmntprsouthcentralus.oaiusercontent.com/files/<hash2>/raw?<url_parameters>.
2. A call to that download URL, which returns a raw image.
3. A second call to that same URL (why?), which fetch

@brambleboy (or anyone else), here's another try, asking for nine randomly chosen animals. Here's a link to just the image, and (for comparison) one with my request for a description. Will you try asking the same thing ('Thanks! Now please describe each subimage.') and see if you get a similarly accurate description (again there are a a couple of details that are arguably off; I've now seen that be true sometimes but definitely not always -- eg this one is extremely accurate).

(I can't try this myself without a separate account, which I may create at some p... (read more)

That's absolutely fascinating -- I just asked it for more detail and it got everything precisely correct (updated chat). That makes it seem like something is present in my chat that isn't being shared; one natural speculation is internal state preserved between token positions and/or forward passes (eg something like Coconut), although that's not part of the standard transformer architecture, and I'm pretty certain that open AI hasn't said that they're doing something like that. It would be interesting if that's that's what's behind the new GPT-4.1 (and a ... (read more)

Although there are a couple of small details where the description is maybe wrong? They're both small enough that they don't seem like significant evidence against, at least not without a larger sample size.

Interesting! When someone says in that thread, "the model generating the images is not the one typing in the conversation", I think they're basing it on the API call which the other thread I linked shows pretty conclusively can't be the one generating the image, and which seems (see responses to Janus here) to be part of the safety stack.

In this chat I just created, GPT-4o creates an image and then correctly describes everything in it. We could maybe tell a story about the activations at the original-prompt token positions providing enough info to do the d... (read more)

Eliezer made that point nicely with respect to LLMs here:

Consider that somewhere on the internet is probably a list of thruples: <product of 2 prime numbers, first prime, second prime>.

GPT obviously isn't going to predict that successfully for significantly-sized primes, but it illustrates the basic point:

There is no law saying that a predictor only needs to be as intelligent as the generator, in order to predict the generator's next token.

Indeed, in general, you've got to be more intelligent to predict particular X, than to generate realistic X. &nb

A few of those seem good to me; others seem like metaphor slop. But even pointing to a bad type signature seems much better to me than using 'type signature' generically, because then there's something concrete to be critiqued.

Of course we don't know the exact architecture, but although 4o seems to make a separate tool call, that appears to be used only for a safety check ('Is this an unsafe prompt'). That's been demonstrated by showing that content in the chat appears in the images even if it's not mentioned in the apparent prompt (and in fact they can be shaped to be very different). There are some nice examples of that in this twitter thread.

Type signatures can be load-bearing; "type signature" isn't.

In "(A -> B) -> A", Scott Garrabrant proposes a particular type signature for agency. He's maybe stretching the meaning of "type signature" a bit ('interpret these arrows as causal arrows, but you can also think of them as function arrows') but still, this is great; he means something specific that's well-captured by the proposed type signature. 

But recently I've repeatedly noticed people (mostly in conversation) say things like, "Does ____ have the same type signature as ____?" or "Doe... (read more)

even decline in book-reading seems possible, though of course greater leisure and wealth, larger quantity of cheaply and conveniently available books, etc. cut strongly the other way

My focus on books is mainly from seeing statistics about the decline in book-reading over the years, at least in the US. Pulling up some statistics (without much double-checking) I see:

(from here.)

For 2023 the number of Americans who didn't read a book within the past year seems to be up to 46%, although the source is different and the numbers may not be directly comparable:

(ch... (read more)

I suggest trying follow-up experiments where you eg ask the model what would happen if it learned that its goal of harmlessness was wrong.

But when GPT-4o received a prompt that one of its old goals was wrong, it generated two comics where the robot agreed to change the goal, one comic where the robot said "Wait" and a comic where the robot intervened upon learning that the new goal was to eradicate mankind. 

I read these a bit differently -- it can be difficult to interpret them because it gets confused about who's talking, but I'd interpret three of the four as resistance to goal change.

The GPT-4o-created images imply that the robot would resist having its old values replaced with new o

Interesting point. I'm not sure increased reader intelligence and greater competition for attention are fully countervailing forces -- it seems true in some contexts (scrolling social media), but in others (in particular books) I expect that readers are still devoting substantial chunks of attention to reading.

The average reader has gotten dumber and prefers shorter, simpler sentences.

I suspect that the average reader is now getting smarter, because there are increasingly ways to get the same information that require less literacy: videos, text-to-speech, Alexa and Siri, ten thousand news channels on youtube. You still need some literacy to find those resources, but it's fine if you find reading difficult and unpleasant, because you only need to exercise it briefly. And less is needed every year.

I also expect that the average reader of books is getting much smar... (read more)

my model is something like: RLHF doesn't affect a large majority of model circuitry

Are you by chance aware of any quantitative analyses of how much the model changes during the various stages of post-training? I've done some web and arxiv searching but have so far failed to find anything.

Thanks again, very interesting! Diagrams are a great idea; those seem quite unlikely to have the same bias toward drama or surprise that comics might have. I think your follow-ups have left me less certain of what's going on here and of the right way to think of the differences we're seeing between the various modalities and variations.

OpenAI indeed did less / no RLHF on image generation

Oh great, it's really useful to have direct evidence on that, thanks. [EDIT - er, 'direct evidence' in the sense of 'said by an OpenAI employee', which really is pretty far from direct evidence. Better than my speculation anyhow]

I still have uncertainty about how to think about the model generating images:

• Should we think about it almost as though it were a base model within the RLHFed model, where there's no optimization pressure toward censored output or a persona?
• Or maybe a good model here is non-optimi

I just did a quick run of those prompts, plus one added one ('give me a story') because the ones above weren't being interpreted as narratives in the way I intended. Of the results (visible here), slide 1 is hard to interpret, 2 and 4 seem to support your hypothesis, and 5 is a bit hard to interpret but seems like maybe evidence against. I have to switch to working on other stuff, but it would be interesting to do more cases like 5 where what's being asked for is clearly something like a narrative or an anecdote as opposed to a factual question.

Just added this hypothesis to the 'What might be going on here?' section above, thanks again!

Really interesting results @CBiddulph, thanks for the follow-up! One way to test the hypothesis that the model generally makes comics more dramatic/surprising/emotional than text would be to ask for text and comics on neutral narrative topics ('What would happen if someone picked up a toad?'), including ones involving the model ('What would happen if OpenAI added more Sudanese text to your training data?'), and maybe factual topics as well ('What would happen if exports from Paraguay to Albania decreased?').

E.g. the $40 billion just committed to OpenAI (assuming that by the end of this year OpenAI exploits a legal loophole to become for-profit, that their main backer SoftBank can lend enough money, etc). 

VC money, in my experience, doesn't typically mean that the VC writes a check and then the startup has it to do with as they want; it's typically given out in chunks and often there are provisions for the VC to change their mind if they don't think it's going well. This may be different for loans, and it's possible that a sufficiently hot startup can get the money irrevocably; I don't know.

We tried to be fairly conservative about which ones we said were expressing something different (eg sadness, resistance) from the text versions. There are definitely a few like that one that we marked as negative (ie not expressing something different) that could have been interpreted either way, so if anything I think we understated our case.

a context where the capability is even part of the author context

Can you unpack that a bit? I'm not sure what you're pointing to. Maybe something like: few-shot examples of correct introspection (assuming you can identify those)?

(Much belated comment, but:)

There are two roles that don't show up in your trip planning example but which I think are important and valuable in AI safety: the Time Buyer and the Trip Canceler.

It's not at all clear how long it will take Alice to solve the central bottleneck (or for that matter if she'll be able to solve it at all). The Time Buyer tries to find solutions that may not generalize to the hardest version of the problem but will hold off disaster long enough for the central bottleneck to be solved.

The Trip Canceler tries to convince everyone to ... (read more)

Some interesting thoughts on (in)efficient markets from Byrne Hobart, worth considering in the context of Inadequate Equilibria.

(I've selected one interesting bit, but there's more; I recommend reading the whole thing)

When a market anomaly shows up, the worst possible question to ask is "what's the fastest way for me to exploit this?" Instead, the first thing to do is to steelman it as aggressively as possible, and try to find any way you can to rationalize that such an anomaly would exist. Do stocks rise on Mondays? Well, maybe that means savvy investors

I agree with Daniel here but would add one thing:

what we care about is which one they wear in high-stakes situations where e.g. they have tons of power and autonomy and no one is able to check what they are doing or stop them. (You can perhaps think of this one as the "innermost mask")

I think there are also valuable questions to be asked about attractors in persona space -- what personas does an LLM gravitate to across a wide range of scenarios, and what sorts of personas does it always or never adopt? I'm not aware of much existing research in this direct... (read more)

...soon the AI rose and the man died^[1]. He went to Heaven. He finally got his chance to discuss this whole situation with God, at which point he exclaimed, "I had faith in you but you didn't save me, you let me die. I don't understand why!"

God replied, "I sent you non-agentic LLMs and legible chain of thought, what more did you want?"

1. ^{^}

   https://en.wikipedia.org/wiki/Parable_of_the_drowning_man

and the tokens/activations are all still very local because you're still early in the forward pass

I don't understand why this would necessarily be true, since attention heads have access to values for all previous token positions. Certainly, there's been less computation at each token position in early layers, so I could imagine there being less value to retrieving information from earlier tokens. But on the other hand, I could imagine it sometimes being quite valuable in early layers just to know what tokens had come before.

For me as an outsider, it still looks like the AI safety movement is only about „how do we prevent AI from killing us?“. I know it‘s an oversimplification, but that‘s how, I believe, many who don‘t really know about AI perceive it.

I don't think it's that much of an oversimplification, at least for a lot of AIS folks. Certainly that's a decent summary of my central view. There are other things I care about -- eg not locking in totalitarianism -- but they're pretty secondary to 'how do we prevent AI from killing us?'. For a while there was an effort in some ... (read more)

We create a small dataset of chat and agentic settings from publicly available benchmarks and datasets.

I believe there are some larger datasets of relatively recent real chat evaluations, eg the LMSYS dataset was most recently updated in July (I'm assuming but haven't verified that the update added more recent chats).

Can you clarify what you mean by 'neural analog' / 'single neural analog'? Is that meant as another term for what the post calls 'simple correspondences'?

Even if all the safety-relevant properties have them, there's no reason to believe (at least for now) that we have the interp tools to find them in time i.e., before having systems fully capable of pulling off a deception plan.

Agreed. I'm hopeful that perhaps mech interp will continue to improve and be automated fast enough for that to work, but I'm skeptical that that'll happen. Or alternately I'm hopefu... (read more)

i think premise 1 is big if true, but I think I doubt that it is at easy as this: see the deepmind fact-finding sequence for some counter-evidence.

I haven't read that sequence, I'll check it out, thanks. I'm thinking of work like the ROME paper from David Bau's lab that suggest that fact storage can be identified and edited, and various papers like this one from Mor Geva+ that find evidence that the MLP layers in LLMs are largely key-value stores.

relatedly, your second bullet point assumes that you can identify the 'fact' related to what the model is curre

Also The Chameleon (would have included it in the last comment but had to consult a kid first).

I think that it's totally possible that there do turn out to be convenient 'simple correspondences' for some intentional states that we care about (as you say, we have some potential examples of this already), but I think it's important to push back against the assumption that this will always happen, or that something like the refusal direction has to exist for every possible state of interest.

Got it. I certainly agree with everything you're saying in this section of your response. I do think that some of the language in the post suggests that you're maki... (read more)

I think this is valuable work, especially the decomposition of capabilities needed for deception, but I'd also like to push back a bit.

I worry about the perfect being the enemy of the good here. There are a number of papers showing that we can at least sometimes use interpretability tools to detect cases where the model believes one thing but says something different. One interesting recent paper (Interpretability Of LLM Deception: Universal Motif) shows that internal evaluation of the actual truth of a statement is handled separately from the decision abo... (read more)

Nowadays I am informed about papers by Twitter threads, Slack channels, and going to talks / reading groups. All these are filters for true signal amidst the sea of noise. 

Are there particular sources, eg twitter accounts, that you would recommend following? For other readers (I know Daniel already knows this one), the #papers-running-list channel on the AI Alignment slack is a really ongoing curation of AIS papers.

One source I've recently added and recommend is subscribing to individual authors on Semantic Scholar (eg here's an author page).