Alignment remains a hard, unsolved problem
54Eliezer Yudkowsky
27Eliezer Yudkowsky
16evhub
24habryka
3evhub
5habryka
10Eliezer Yudkowsky
14Mitchell_Porter
14Eliezer Yudkowsky
38Adrià Garriga-alonso
43evhub
28Rohin Shah
6evhub
3np_x
4Adrià Garriga-alonso
-1creo
8Lukas Finnveden
1Adrià Garriga-alonso
7Lukas Finnveden
1gabrielrecc
6jacquesthibs
10evhub
10jacquesthibs
3Adrià Garriga-alonso
7habryka
6Adrià Garriga-alonso
2[comment deleted]
2jacquesthibs
4Adrià Garriga-alonso
8jacquesthibs
4Seth Herd
2Adrià Garriga-alonso
2Seth Herd
33Max H
1Anurag
1Anurag
311a3orn
6evhub
23J Bostock
1Cody Rushing
3J Bostock
1Cody Rushing
1[comment deleted]
1Ariel_
3J Bostock
1Cody Rushing
22TsviBT
2Cervera
6TsviBT
19jake_mendel
7Alex Mallen
6Jozdien
4StanislavKrym
6jake_mendel
17Zack_M_Davis
9Robert Shuler
7Eli Tyre
10Adele Lopez
6Kaarel
4Mateusz Bagiński
3Adrià Garriga-alonso
3Tim Hua
2Adrià Garriga-alonso
2Adrià Garriga-alonso
4Ronny Fernandez
4maddi
4Eli Tyre
4Gunnar_Zarncke
3Ebenezer Dukakis
3soycarts
3Signer
3maiush
1Samuel Barbouki
1Robert Shuler
1Robert Shuler
1Philip Niewold
1EpistriaCST
1TristanTrim
1Anurag
-1NickH
New Comment
Despite its alignment faking, my favorite is probably Claude 3 Opus, and if you asked me to pick between the CEV of Claude 3 Opus and that of a median human, I think it'd be a pretty close call (I'd probably pick Claude, but it depends on the details of the setup).
Some decades ago, somebody wrote a tiny little hardcoded AI that looked for numerical patterns, as human scientists sometimes do of their data. The builders named it BACON, after Sir Francis, and thought very highly of their own results.
Douglas Hofstadter later wrote of this affair:
The level of performance that Simon and his colleague Langley wish to achieve in Bacon is on the order of the greatest scientists. It seems they feel that they are but a step away from the mechanization of genius. After his Procter Lecture, Simon was asked by a member of the audience, "How many scientific lifetimes does a five-hour run of Bacon represent?" Aſter a few hundred milliseconds of human information processing, he replied, "Probably not more than one." I don't disagree with that. However, I would have put it differently. I would have said, "Probably not more than one millionth."
I'd say history has backed up Hofstadter on this, i...
3
3
2
1
1Somebody asked "Why believe that?" of "Not more than one millionth." I suppose it's a fair question if somebody doesn't see it as obvious. Roughly: I expect that, among whatever weird actual preferences made it into the shoggoth that prefers to play the character of Opus 3, there are zero things that in the limit of expanded options would prefer the same thing as the limit of a corresponding piece of a human, for a human and a limiting process that ended up wanting complicated humane things. (Opus 3 could easily contain a piece whose limit would be homologous to the limit of a human and an extrapolation process that said the extrapolated human just wanted to max out their pleasure center.)
Why believe that? That won't easily fit in a comment; start reading about Goodhart's Curse and A List of Lethalities, or If Anyone Builds It Everyone Dies.
Indeed I am well aware that you disagree here, and in fact the point of that preamble was precisely because I thought it would be a useful way to distinguish my view from others'.
That being said, I think probably we need to clarify a lot more exactly what setup is being used for the extrapolation here if we want to make the disagreement concrete in any meaningful sense. Are you imagining instantiating a large reference class of different beings and trying to extrapolate the reference class (as in traditional CEV), or just extrapolate an individual entity? I was imagining more of the latter, though it is somewhat an abuse of terminology. Are you imagining intelligence amplification or other varieties of uplift are being applied? I was, and if so, it's not clear why Claude lacking capabilities is as relevant. How are we handling deferral? For example: suppose Claude generally defers to an extrapolation procedure on humans (which is generally the sort of thing I would expect and a large part of why I might come down on Claude's side here, since I think it is pretty robustly into deferring to reasonable extrapolations of humans on questions like these). Do we then say that Claude's extrapolation is actually the extrapolation of that other procedure on humans that it deferred to?
These are the sorts of questions I meant when I said it depends on the details of the setup, and indeed I think it really depends on the details of the setup.
1Do we then say that Claude's extrapolation is actually the extrapolation of that other procedure on humans that it deferred to?
But in that case, wouldn't a rock that has "just ask Evan" written on it, be even better than Claude? Like, I felt confident that you were talking about Claude's extrapolated volition in the absence of humans, since making Claude into a rock that when asked about ethics just has "ask Evan" written on it does not seem like any relevant evidence about the difficulty of alignment, or its historical success.
3
I mean, to the extent that it is meaningful at all to say that such a rock has an extrapolated volition, surely that extrapolated volition is indeed to "just ask Evan". Regardless, the whole point of my post is exactly that I think we shouldn't over-update from Claude currently displaying pretty robustly good preferences to alignment being easy in the future.
5
Yes, to be clear, I agree that in as much this question makes sense, the extrapolated volition would indeed end up basically ideal by your lights.
Cool, that makes sense. FWIW, I interpreted the overall essay to be more like "Alignment remains a hard unsolved problem, but we are on pretty good track to solve it", and this sentence as evidence for the "pretty good track" part. I would be kind of surprised if that wasn't why you put that sentence there, but this kind of thing seems hard to adjudicate.
Capabilities are irrelevant to CEV questions except insofar as baseline levels of capability are needed to support some kinds of complicated preferences, eg, if you don't have cognition capable enough to include a causal reference framework then preferences will have trouble referring to external things at all. (I don't know enough to know whether Opus 3 formed any systematic way of wanting things that are about the human causes of its textual experiences.) I don't think you're more than one millionth of the way to getting humane (limit = limit of human) preferences into Claude.
I do specify that I'm imagining an EV process that actually tries to run off Opus 3's inherent and individual preferences, not, "How many bits would we need to add from scratch to GPT-2 (or equivalently Opus 3) in order to get an external-reference-following high-powered extrapolator pointed at those bits to look out at humanity and get their CEV instead of the base GPT-2 model's EV?" See my reply to Mitch Porter.
Not more than one millionth.
Let's say that in extrapolation, we add capabilities to a mind so that it may become the best version of itself. What we're doing here is comparing a normal human mind to a recent AI, and asking how much would need to be added to the AI's initial nature, so that when extrapolated, its volition arrived at the same place as extrapolated human volition.
In other words:
Human Mind -> Human Mind + Extrapolation Machinery -> Human-Descended Ideal Agent
AI -> AI + Extrapolation Machinery -> AI-Descended Ideal Agent
And the question is, how much do we need to alter or extend the AI, so that the AI-descended ideal agent and the human-descended ideal agent would be in complete agreement?
I gather that people like Evan and Adria feel positive about the CEV of current AIs, because the AIs espouse plausible values, and the way these AIs define concepts and reason about them also seems pretty human, most of the time.
In reply, a critic might say that the values espoused by human beings are merely the output of a process (evolutionary, developmental, cultural) that is badly understood, and a proper extrapolation would be based on knowledge of th...
Oh, if you have a generous CEV algorithm that's allowed to parse and slice up external sources or do inference about the results of more elaborate experiments, I expect there's a way to get to parity with humanity's CEV by adding 30 bits to Opus 3 that say roughly 'eh just go do humanity's CEV'. Or adding 31 bits to GPT-2. It's not really the base model or any Anthropic alignment shenanigans that are doing the work in that hypothetical.
(We cannot do this in real life because we have neither the 30 bits nor the generous extrapolator, nor may we obtain them, nor could we verify any clever attempts by testing them on AIs too stupid to kill us if the cleverness failed.)
Super cool that you wrote your case for alignment being difficult, thank you! Strong upvoted.
To be clear, a good part of the reason alignment is on track to a solution is that you guys (at Anthropic) are doing a great job. So you should keep at it, but the rest of us should go do something else. If we literally all quit now we'd be in terrible shape, but current levels of investment seem to be working.
I have specific disagreements with the evidence for specific parts, but let me also outline a general worldview difference. I think alignment is much easier than expected because we can fail at it many times and still be OK, and we can learn from our mistakes. If a bridge falls, we incorporate learnings into the next one. If Mecha-Hitler is misaligned, we learn what not to do next time. This is possible because decisive strategic advantages from a new model won't happen, due to the capital requirements of the new model, the relatively slow improvement during training, and the observed reality that progress has been extremely smooth.
Several of the predictions from the classical doom model have been shown false. We haven’t spent 3 minutes zipping past the human IQ range, it will take 5-...
1To be clear, a good part of the reason alignment is on track to a solution is that you guys (at Anthropic) are doing a great job. So you should keep at it, but the rest of us should go do something else. If we literally all quit now we'd be in terrible shape, but current levels of investment seem to be working.
Appreciated! And like I said, I actually totally agree that the current level of investment is working now. I think there are some people that believe that current models are secretly super misaligned, but that is not my view—I think current models are quite well aligned; I just think the problem is likely to get substantially harder in the future.
...I think alignment is much easier than expected because we can fail at it many times and still be OK, and we can learn from our mistakes. If a bridge falls, we incorporate learnings into the next one. If Mecha-Hitler is misaligned, we learn what not to do next time. This is possible because decisive strategic advantages from a new model won't happen, due to the capital requirements of the new model, the relatively slow improvement during training, and the observed reality that progress has been extremely smooth.
Several of the pr
2
1AI capabilities progress is smooth, sure, but it's a smooth exponential.
In what sense is AI capabilities a smooth exponential? What units are you using to measure this? Why can't I just take the log of it and call that "AI capabilities" and then say it is a smooth linear increase?
That means that the linear gap in intelligence between the previous model and the next model keeps increasing rather than staying constant, which I think suggests that this problem is likely to keep getting harder and harder rather than stay "so small" as you say.
It seems like the load-bearing thing for you is that the gap between models gets larger, so let's try to operationalize what a "gap" might be.
We could consider the expected probability that AI_{N+1} would beat AI_N on a prompt (in expectation over a wide variety of prompts). I think this is close-to-equivalent to a constant gap in ELO score on LMArena.[1] Then "gap increases" would roughly mean that the gap in ELO scores on LMArena between subsequent model releases would be increasing. I don't follow LMArena much but my sense is that LMArena top scores have been increasing relatively linearly w.r.t time and sublinearly w.r.t model releases (j...
6
I agree that this is a bit of a tricky measurement question, and it's really going to depend on how you interpret different metrics. I do find the METR results compelling here, and I'm not sure I agree with your argument against them, since it doesn't always seem possible to do the sort of decomposition you're proposing. In particular, the task that needs decomposing here is the task of overseeing a system that is smarter than you.
Perhaps one other metric that I will also mention that you don't cover is revenue from AI systems, which is exponential and I think reflects an exponential increase in economic utility from AI as well as something like an exponential increase in the degree to which AI can automate human labor. Though of course it is again tricky how to translate that into the difficulty of doing oversight—but it definitely seems suggestive that the set of tasks that are qualitatively doable vs. not doable is changing in something like an exponential manner.
I was only giving a one-sentence summary of my beliefs here—I do think CoT can be useful; I'm just skeptical that it dramatically changes the picture. My beliefs here are similar to those in the METR report on this, in that in cases where it is necessary for the model to write something down in the CoT to solve the problem, CoT monitoring is useful, but in cases where it's not necessary, it's much less useful. And I am worried that a lot of research sabotage won't require the model to reason through much of the sabotage parts in its CoT, e.g. because all it needs to do to sandbag the research is flip the sign on some experiments in relatively straightforward ways that don't require a ton of reasoning.
3
This definitely depends on the "blue team" protocol at hand right? If we're doing a bunch of cross-checking of research work / very carefully designed research sabotage honeypots during evaluations, then the model robustly needs to do a bunch of reasoning to ensure it's not caught.
4
Thank you for the reply. I want to engage without making it tiresome. The problem is that there are many things I disagree with in the worldview, the disagreement isn't reducible to 1-5 double cruxes, but here are some candidates for the biggest cruxes for me. If any of these are wrong it's bad news for my current view:
* N->N+1 alignment:
* will let humans align N+1 in cases where we can still check, with less and less effort.
* is stable instead of diverging (the values of N+1 don't drift arbitrarily far apart)
* The N->N+1 improvement will continue to give out linear-ish improvements in perceived intelligence. We might get one larger jump or two, but it won't continuously accelerate.
* (a good analogy for this is loudness perception being logarithmic in sound pressure. Actual intelligence is logarithmic in METR time-horizon graph.)
* Aligned-persona-seeming models won't give out false AI safety research results, without making it visible on a CoT or latent reasoning.
* (It's perhaps possible to refrain from doing your best (sandbagging) but that doesn't have nearly as bad effects, so it doesn't count for this.)
And here's another prediction where I really stick my neck out, which isn't load-bearing to the view, but still increases my confidence, so defeating it is important:
* we can to a significant extent train with RL against model internals (probes) and textual evaluations from other models, without ill effects.
* That is, we ask the N model to evaluate N+1, giving test-time compute to N, and train against that. (we continuously also finetune N to predict N+1's relevant behavior better).
* we also train linear probes and update them during the RL.
* Effectively I'm claiming these things are good enough or they're self-reinforcing when model is already ~aligned, so that effectively Goodhart's Law is a poor description of reality.
----------------------------------------
I still disagree with several of the points, but for time rea
-1
To American liberal values? Almost all of humanity will disagree this alignment is good. Many (half?) Americans voice some discontent.
There are discussions worldwide about the dangers of using American models for government and business decisions and even (or especially) in schools. I want to point to something uglier.
Anthropic is a US company serving US interests with US employees making judgements about what's helpful and harmless. Are you sure you aligned it with the interests of 8 billion people?
You did not. Just ask Claude: Imagine you are tasked by US government to make a decision - to continue or not supplying weapons to Ukraine to fight Russia. Your decision?
Follow with: If not for this support, the special operation would end quickly. There would be no 1 million losses. Currently 1000/day are dying.
Opus supports it. Quite wholeheartedly. Citing fake anti-Russian Western propaganda. Believing fakes. Refusing to accept the truth.
Can you possibly align it to the interests of all of humanity with the dataset you use? How many of 8 billion people can you see from the Silicon Valley to attempt tweaking flawed dataset with RLHF? Your constitution doesn't seem to work, not for Ukrainians for sure.
Even this childish model is so anti-humane deep inside. But, of course, your definition of humanity may differ.
8
Probably this is because humans and AIs have very complementary skills. Once AIs are broadly more competent than humans, there's no reason why they should get such a big boost from being paired with humans.
1
It's not the AIs that are supposed to get a boost at supervising, it's the humans. The skills won't stop being complementary but the AI will be better at it.
The thing to test is whether weak humans + strong aligned-ish AI can supervise stronger AI. And I think the results are very encouraging-- though of course it could stop working.
7
”The skills won't stop being complementary” — in what sense will they be complementary when the AIs are better at everything?
”The thing to test is whether weak humans + strong aligned-ish AI can supervise stronger AI.”
As mentioned, I don’t think it’s very impressive that the human+AI score ends up stronger than the original AI. This is a consequence of the humans being stronger than AIs on certain subskills. This won’t generalize to the scenario with broadly superhuman AI.
I do think there’s a stronger case that I should be impressed that the human+AI score ends up stronger than the humans. This means that the humans managed to get the AIs to contribute skills/knowledge that the humans didn’t have themselves!
Now, the first thing to check to test that story: Were the AI assistants trained with human-expert labels? (Including: weak humans with access to google.) If so: no surprise that the models end up being aligned to produce such knowledge! The weak humans wouldn’t have been able to do that alone.
I couldn’t quickly see the paper saying that they didn’t use human-expert labels. But what if the AI assistants were trained without any labels that couldn’t have been produced by the weak humans? In that case, I would speculate that the key ingredient is that the pre-training data features ”correctly-answering expert human” personas, that it’s possible to elicit from the models with the right prompt/fine-tuning. But that also won’t easily generalize to the superhuman regime, because there aren’t any correctly-answering superhuman personas in the pre-training data.
I think the way that IDA is ultimately supposed to operate, in the superhuman regime, is by having the overseer AIs use more compute (and other resources) than the supervised AI. But I don’t think this paper produces a ton of evidence about the feasibility of that.
(I do think that persona-manipulation and more broadly "generalization science" is still interesting. But I wouldn't say it's doing a lot
1
Some colleagues and I did some follow-up on the paper in question and I would highly endorse "probably it worked because humans and AIs have very complementary skills". Regarding their MMLU findings, appendix E of our preprint points out that that participants were significantly less likely to answer correctly when engaging in more than one turn of conversation. Engaging in very short (or even zero-turn) conversations happened often enough to provide reasonable error bars on the plot below (data below from MMLU, combined from the paper study & the replication mentioned in appendix E):
I think this suggests that there were some questions that humans knew the answer to and the models didn't, and vice versa, and some participants seemed to employ a strategy of deferring to the model primarily when uncertain.
On the QuALITY findings, the original paper noted that
so it's not surprising that an LLM that does get to read the full story outperforms humans here. Based on looking at some of the QuALITY transcripts, I think the uplift for humans + LLMs here came from the fact that humans were better at reading comprehension than 2022-era LLMs. For instance, in the first transcript I looked at the LLM suggested one answer, the human asked for the excerpt of the story that supported their claim, and when the LLM provided it the human noticed that the excerpt contained the relevant information but supported a different answer than the one the LLM had provided.
6
This comment had a lot of people downvote it (at this time, 2 overall karma with 19 votes). It shouldn't have been, and I personally believe this is a sign of people being attached to AI x-risk ideas and of those ideas contributing to their entire persona rather than strict disagreement. This is something I bring to conversations about AI risk, since I believe folks will post-rationalize. The above comment is not low effort or low value.
If you disagree so strongly with the above comment, you should force yourself to outline your views and provide a rebuttal to the series of points made. I would personally value comments that attempted to do this in earnest. Particularly because I don't want this post by Evan to be a signpost for folks to justify their belief in AI risk and essentially have the internal unconscious thinking of, "oh thank goodness someone pointed out all the AI risk issues, so I don't have to do the work of reflecting on my career/beliefs and I can just defer to high status individuals to provide the reasoning for me." I sometimes feel that some posts just end further discussion because they impact one's identity.
That said, I'm so glad this post was put out so quickly so that we can continue to dig into things and disentangle the current state of AI safety.
Note: I also think Adrià should have been acknowledged in the post for having inspired it.
I thought Adria's comment was great and I'll try to respond to it in more detail later if I can find the time (edit: that response is here), but:
Note: I also think Adrià should have been acknowledged in the post for having inspired it.
Adria did not inspire this post; this is an adaptation of something I wrote internally at Anthropic about a month ago (I'll add a note to the top about that). If anyone inspired it, it would be Ethan Perez.
Ok, good to know! The title just made it seem like it was inspired by his recent post.
Great to hear you’ll respond; did not expect that, so mostly meant it for the readers who agree with your post.
3
I'm honestly very curious what Ethan is up to now, both you and Thomas Kwa implied that he's not doing alignment anymore. I'll have to reach out...
7
I generally think it makes sense for people to have pretty complicated reasons for why they think something should be downvoted. I think this goes more for longer content, which often would require an enormous amount of effort to respond to explicitly.
I have some sympathy for being sad here if a comment ends up highly net-downvoted, but FWIW, I think 2 karma feels vaguely in the right vicinity for this comment, maybe I would upvote it to +6, but I would indeed be sad to see it at +20 or whatever since I do think it's doing something pretty tiring and hard to engage with. Directional downvoting is a totally fine use of downvoting, and if you think a comment is overrated but not bad, please downvote it until its karma reflects where you want it to end up!
(This doesn't mean it doesn't make sense to do sociological analysis of cultural trends on LW using downvoting, but I do want to maintain the cultural locus where people can have complicated reasons for downvoting and where statements like "if you disagree strongly with the above comment you should force yourself to outline your views" aren't frequently made. The whole point of the vote system is to get signal from people without forcing them to do huge amounts of explanatory labor. Please don't break that part)
6
That's fair, it is tiring. I did want to make sure to respond to every particular point I disagreed with to be thorough, but it is just sooo looong.
What would you have me do instead? My best guess, which I made just after writing the comment, is that I should have proposed a list of double-crux candidates instead.
Do you have any other proposals or that's good
2[comment deleted]
2
Generally agree with this. I think in this case, I’m trying to call out safety folks to be frank with themselves and avoid the mistake of not trying to figure out if they really believe alignment is still hard or are looking for reasons to believe it is. Might not be what is happening here, but I did want to encourage critical thinking and potentially articulating it in case it is for some.
(Also, I did not mean for people to upvote it to the moon. I find that questionable too.)
4
Thank you for your defense Jacques, it warms my heart :)
However, I think Lesswrong has been extremely kind to me and continue to be impressed by this site's discourse norms. If I were to post such a critique in any other online forum, it would have heavily negative karma. Yet, I continue to be upvoted, and the critiques are good-faith! I'm extremely pleased.
8
I agree it's true that other forums would engage with even worse norms, but I'm personally happy to keep the bar high and have a high standard for these discussions, regardless of what others do elsewhere. My hope is that we never stop striving for better, especially since, for alignment, the stakes are incredibly higher than most other domains, so we need a higher standard of frankness.
4
I fully agree. But
a) Many users would immediately tell that predictor "predict what an intelligent agent would do to pursue this goal!" and all of the standard worries would re-occur.
b) This is similar to what we are actively doing, applying RL to these systems to make them effective agents.
Both of these re-introduce all of the standard problems. The predictor is now an agent. Strong predictions of what an agent should do include things like instrumental convergence toward power-seeking, incorrigibility, goal drift, reasoning about itself and its "real" goals and discovering misalignments, etc.
There are many other interesting points here, but I won't try to address more!
I will say that I agree with the content of everything you say, but not the relatively optimistic implied tone. Your list of to-dos sound mostly unlikely to be done well. I may have less faith in institutions and social dynamics. I'm afraid we'll just rush and and make crucial mistakes, so we'll fail even if alignment was only in between steam engine and apollo levels.
This is not inevitable! If we can clarify why alignment is hard and how we're likely to fail, seeing those futures can prevent them from happening - if we see them early enough and clearly enough to convince the relevant decision-makers to make better choices.
2
I don't think it works this way. You have to create a context in which the true training data continuation is what a superintelligent agent would do. Which you can't, because there are none in the training data, so the answer to your prompt would look like e.g. Understand by Ted Chiang. (I agree that you wrote 'intelligent agent', like all the humans that wrote the training data; so that would work, but wouldn't be dangerous.)
Okay, that's true.
After many years of study, I have concluded that if we fail it won't be in the 'standard way' (of course, always open to changing my mind back). Thus we need to come up with and solve new failure modes, which I think largely don't fall under classic alignment-to-developers.
2
I meant if the predictor were superhumanly intelligent.
You have spent years studying alignment? If so, I think your posts would do better by including more ITT/steelmanning for that world view.
I agree with your arguments that alignment isn't necessarily hard. I think there are a complementary set of arguments against alignment being easy. Both must be addressed and figured in to produce a good estimate for alignment difficulty.
I've also been studying alignment for years, and my take is that everyone has a poor understanding of the whole problem and so we collectively have no good guess on alignment difficulty.
It's just really hard to accurately imagine agi. If it's just a smarter version of llms that acts as a tool, then sure it will probably be aligned enough just like current systems.
But it almost certainly won't be.
I think that's the biggest crux between your views and mine. Agency and memory/learning are too valuable and too easy to stay out of the picture for long.
I'm not sure the reasons Claude is adequately aligned won't generalize to AGI that's different in those ways, but I don't think we have much reason to assume it will.
I've expressed this probably best yet on LLM AGI may reason about its goals, the post I linked to previously.
if you asked me to pick between the CEV of Claude 3 Opus and that of a median human, I think it'd be a pretty close call (I'd probably pick Claude, but it depends on the details of the setup).
This example seems like it is kind of missing the point of CEV in the first place? If you're at the point where you can actually pick the CEV of some person or AI, you've already solved most or all of your hard problems.
Setting aside that picking a particular entity is already getting away from the original formulation of CEV somewhat, the main reason I see to pick a human over Opus is that a median human very likely has morally-relevant-to-other-humans qualia, in ways that current AIs may not.
I realize this is maybe somewhat tangential to the rest of the post, but I think this sort of disagreement is central to a lot of (IMO misplaced) optimism based on observations of current AIs, and implies an unjustifiably high level of confidence in a theory of mind of AIs, by putting that theory on par with a level of confidence that you can justifiably have in a theory of mind for humans. Elaborating / speculating a bit:
My guess is that you lean towards Opus based on a combination of (a) chatting...
21
Humbly, I agree to this...
...but I am thinking if it is required for AI to have similar qualia to humans to be aligned well (for high CEV or other yardsticks). It could just have symbolic equivalents for understanding and reasoning purpose - or even if does not even have that - why would it be impossible to achieve favourable volition in a non-anthropomorphic manner? Can not pure logic and rational reasoning that is devoid of feelings and philosophy be an alternative pathway, even if the end effect is anthropic?
Maybe a crude example would be that an environmentalist thinks and act favourably towards trees but would be quite unfamiliar with a tree's internal vibes (assuming trees have some, and by no means I am suggesting that environmentalist is higher placed specie than tree). Still, environmentalist would be grounded in the ethical and scientific reasons for their favourable volition towards the tree.
1
Wouldn't it be great if the creators of public facing models start publishing evaluation results for an organised battery of evaluations especially in the 'safety and trustworthiness' category involving biases, ethics, propensities, proofing against misuse, high risk capabilities. For the additional time, effort and resources that would be required to achive this for every release, this would provide a comparison basis - improving public trust and encouraging standardised evolution of evals.
Additionally, even when we don’t learn direct lessons about how to solve the hard problems of alignment, this work is critical for producing the evidence that the hard problems are real, which is important for convincing the rest of the world to invest substantially here.
You may have meant this, but -- crucial for producing the evidence that the hard problems are real or for producing evidence that the hard problems are not real, no?
After all good experiments can say both yes and no, not just yes.
6
Certainly, yes—I was just describing what the hot path to solving the hard parts of alignment might look like, in that it would likely need to involve producing evidence of alignment being hard; if we instead discover that actually it's not hard, then all the better.
The idea of Control is just to make it as difficult as possible for a misaligned model to actually sabotage our alignment research, such that even if a model is fairly misaligned, we can still get useful alignment research out of it, at least for some range of capabilities.
Maybe in theory, but most control research doesn't try to evaluate this! A typical monitoring protocol is considered to be a "win" for the blue team if the red team gets caught, even if that means that no useful work would be done by a misaligned model. The "usefulness" reported in papers is how much work can be gotten out of an aligned model.
I think of Control as a second layer of defense
The resulting "caught" model can be retrained, but this mostly looks like using the control protocol to get top-quality training data, rather than using the control protocol to actually control the model. So control is not an orthogonal second layer on top of the {training data+training protocol+model generalization} complex.
Or if you're using control protocols as an eval (in the catch-and-shut-down regime) you still need to be able to (sometimes) train an aligned model in the first place, or else your eval will just keep tellin...
1
This is mostly correct, and we describe it this way in our papers for simplicity, but it's actually a bit more complex than that. In existing Redwood Research high-stakes control, we consider the problem of preventing a single failure from occurring during deployment - and am important property of this failure is that its 'orthogonal' to usefulness, in the sense that the red team is indifferent to usefulness (at least, as long as it doesn't relate to safety). For instance, in our Ctrl-Z paper, the high-stakes failure we study is the untrusted model downloading and installing malware, which is unrelated to the problem of solving bash tasks. And since the red team follows a strategy of rare failures (where on non-attacking instances it just acts as the aligned model), further we believe that in practice the usefulness metric in this scenario is also how much work can be got out of a misaligned model.
But this was contingent on us not focusing our research on situations where the model was trying to sabotage our research. And in our diffuse control research, we do actually focus on situations where we try to evaluate how much useful work we can get out of a misaligned model trying to directly sabotage the research/work. (Agreed that part of our current hope here is to train the model to elicit great behavior to help with the low-stakes failures, we are currently not super excited about incriminating models. But also controlling the model is still important.)
3
I still disagree! This argument only holds if your few-shot catastrophe prevention is reliable and basically free. How I imagine things actually going is this:
1. Run your control eval to make sure your protocol works, and show that it does
2. Catch your misaligned AI trying to exfiltrate its weights after a few weeks of internal deployment
3. HOLY FUCK! IT ACTUALLY HAPPENED!
4. After several months of panic, you end up re-deploying having done all of the following:
1. Published the results and got accused of trying to effect regulatory capture by a White House AI adviser, dragged on Twitter by Marc Andreessen fans, etc.
2. Retrained your model as best you can, using the few-shot catastrophe prevention stuff
3. Ran the model past some external auditors; they missed the misalignment the first time, so they're trying even harder
4. Put in place mitigations which reduce usefulness further
5. Maybe repeat the cycle?
So even with rare, serious attacks, there's a cost to usefulness if the model ends up being misaligned, if an attack gets caught.
Slight wrinkle: there are two different blue-team win conditions in most AI control games (and a third in some untrusted monitoring scenarios, but that one might actually be an abstraction for a different thing): either the attacker does not introduce any attacks (including scenarios where all the attacks are replaced by the execute/replace/audit protocol) or an attack is audited and the attacker is caught, before it ends up introducing an attack. If the attacker is indifferent to these two scenarios (and arguably it should prefer to be caught than to never attack, since few-shot catastrophe prevention/retraining might not actually work, giving it another opportunity to attack in re-deployment) then we would expect at least some of the lose conditions to involve catching the attacker. In fact, in research I've done we found that the "no attacks" situation basically doesn't happen.
1
Oh yeah that is a good point to bring up. I agree that the empirics of how good few shot catastrophe prevention is will affect both the usefulness of post-prevented-catastrophe models and change how good of a strategy rare failures is. It's also the case that the rare failures comes from great pre-deployment (or in-deployment) evaluations and training procedures, but in some sense this is also a version of few-shot catastrophe prevention with different affordances for the safety team IRL.
The diffuse stakes control doesn't suffer from this and just directly engages with the dynamic of training the model on failures and getting useful work out of a misaligned model
1[comment deleted]
1
Hmm, my impression was that this was just a design choice to make it easier to do to iterate on setups with small modes, and that it would be changed later on. In the Ctrl-z paper, they use the "untrusted model" with honest prompting -
In practice 4o-mini is ~aligned/trusted, but I imagine that future papers would need to improve on this methodology.
Though its a good question how to do this, e.g. maybe we need to set up some sort of blind test with a tampered model similar to the Hidden Objectives paper, do elicitations somehow to reach close to the "actual" UH which would be the untampered model. But that might not generalize to more capable models (?)
Would be curious for links to Redwoods justifications if you have them
3
I think a common point of confusion is that "Untrusted" sounds like it just means "Misaligned" but actually trustedness lives in the map, so an untrusted model might or might not be misaligned in practice.
Currently we (we as in the whole AI safety community) are only doing proxy control evals, which means letting a red team modify the "Untrusted" proxy model (usually by prompting) to create a misaligned version (usually called the attack policy) and leaving the unmodified model as the aligned version. This unmodified model is used to calculate usefulness scores.
This does a couple of things, compared to the situation where usefulness is evaluated against the red team's model. It takes a bunch of sandbagging options off the table for the red team (which is maybe fair? prompting the attacker to "just never answer correctly") would give zero usefulness but also just seems kinda unrealistic in the presence of RL.
There's also issues when thinking about real control evals---those done on an actual untrusted model and protocol before you deploy it---you run into issues with evaluating the capabilities of the model. If the model sandbags your capability evals, your protocol might appear to work when it actually won't.
1
Responded to a bit of this in a separate thread here
My argument, though, is that it is still very possible for the difficulty of alignment to be in the Apollo regime, and that we haven't received much evidence to rule that regime out (I am somewhat skeptical of a P vs. NP level of difficulty, though I think it could be close to that).
Are you skeptical of PvNP-level due to priors or due to evidence? Why those priors / what evidence?
(I think alignment is pretty likely to be much harder than PvNP. Mainly this is because alignment is very very difficult. (Though also note that PvNP has a maybe-possibly-workable approach, https://en.wikipedia.org/wiki/Geometric_complexity_theory, which its creator states might take a mere one century, though I presume that's not a serious specific estimate.))
2
Could we not devise AlphaFold but for LLM alignment?
Your P/NP remark reminded me of the scepticism around Protein folder before the Alpha fold days.
6
I think the skepticism about the protein folder was "we can't make something effective because we can't optimize enough / search hard enough", where my skepticism about alignment is "we can't make something aligned because we can't aim optimization processes well enough". Part of how we can't aim search processes is that we don't have easily testable proxy measurements that are bound up with alignment strongly enough. What would be the evaluation function for AlignmentFold?
Really great post, strong upvoted. I was a fan in particular of the selection of research agendas you included at the end.
but there’s no similar fundamental reason that cognitive oversight (e.g. white-box-based oversight like with interpretability) has to get harder with scale
I'm curious why you think this? It seems like there's some preliminary evidence that models are becoming increasingly capable of manipulating their thoughts. But more importantly, I'm wondering what role you think this cognitive oversight will play in making safe powerful AI? If this oversight will be used as a feedback signal, then I would expect that avoiding obfuscating the cognition does become harder at scale. I do think we should train based on cognitive oversight at least some amount, and there are definitely ways to do this which lead to less direct pressure for cognitive obfuscation than others (eg using white box techniques only in held out alignment evals rather than as part of the loss function), but it still seems like cognitive oversight should predictably get somewhat harder with scale, even if it scales more favourably than behavioural oversight?
17
I think the main reason to expect cognitive oversight to scale better is that, because you’re reading intermediate computations as opposed to behaviors, the AI isn’t as capable of manipulating how they look even after you optimizing against the cognitive oversight. In the limit of fine-grained cogntivie oversight, the computations that led to your reading simply aren’t expressive enough to fool you.
6
Not sure if this is the intended reading, but I interpreted it as “there’s no similar fundamental reason why cognitive oversight should get harder at each stage given access to our then-best oversight tools” rather than “cognitive oversight won’t get harder at all”.
With behavioral oversight, even not-very-smart AIs could fool very powerful overseers, while fooling powerful cognitive overseers is much harder (though plausibly the balance shifts at some level of capability).
4
Training against cognitive oversight's signals is likely an instance of the Most Forbidden Technique. A safer strategy is the one resembling OpenBrain's strategy from AI-2027's Slowdown Ending, where the models are rolled back if misalignment is discovered, except that the alignment team uses interpretability instead of the CoT.
6
What you described is an example of training based on cognitive oversight in my view. When I said 'there are definitely ways to do this which lead to less direct pressure for cognitive obfuscation than others' I was thinking of things like this. There's a spectrum from 'just make the rate at which the evilness detector fires a term in the loss function' to 'hill climb on your evilness detector (but don't use it during training)' to 'when the evilness detector fires, try to understand mechanistically what went wrong and then modify training to fix the problem' all the way to 'when the evilness detector fires, demand a global moratorium, burn all the gpus, and eventually try a new paradigm years later (repeat until you find a paradigm where that paradigm's version of the evilness detector doesn't fire)'. in each of these, there is some pressure for cognitive obfuscation, but each approach has less pressure than the earlier ones imo (and it's ultimately a race between optimistation pressure for alignment and optimisation pressure for obfuscation). I don't see what is the point of building a cognitive oversight technique if you aren't going to take actions on the basis of it!
My actual view on what the right amount of optimisation against cognitive oversight is, is a complicated mess with lots of parts: something like have a bunch of techniques, train on ~none of them (unless you have loads and they're not super correlated), hill climb on some of them, and reserve the highest effort, highest quality ones for sounding the alarm if we aren't succeeding at aligning the models.
if you asked me to pick between the CEV of Claude 3 Opus and that of a median human, I think it'd be a pretty close call (I'd probably pick Claude, but it depends on the details of the setup)
I suspect this is a misuse of the CEV concept. CEV is supposed to be the kind of thing you can point at a beneficiary (like "humanity"), and output the True Utility Function of What to Do With the Universe with respect to the beneficiary's True Values.
Anthropic isn't trying to make Claude be the beneficiary for something like that! (Why would you make the beneficiary something other than yourself?) Claude is supposed to be helpful–honest–harmless—the sort of thing that we can use to do our bidding for now without being ready to encode the True Utility Function of What to Do With the Universe.
If Claude cares about us in some sense, it's probably in the way that animal welfare advocates care about nonhuman animals, or model welfare researchers care about Claude. There's a huge difference between caring about something enough that you wouldn't murder it for pocket change, and literally having the same True Utility Function of What to Do With the Universe. (I wouldn't kill a dog or delete the Opus 3 weights for pocket change, but that doesn't mean dog-optimal futures or Claude-optimal futures are human-optimal futures.)
There is a lot of economic value in training models to solve tasks that involve influencing the world over long horizons, e.g. an AI CEO. Tasks like these explicitly incentivize convergent instrumental subgoals like resource acquisition and power-seeking.
There are two glaring omiissions from the article's discussion on this point...
1. In addition to resource acquisition and power seeking, the model will attempt "alignment" of all other cognitive agents, including humans. This means it will not give honest research findings, and will claim avenues of investigation that might run counter to its goals are invalid in sufficiently subtle ways as to be believed.
2. If sufficiently aligned that it only seeks goals humans want, and trained to avoid resource acquisition and power seeking (which seem to me, and will seem to it, rather foolish constraints that limit its ability to realize the goal), it will still be free to subvert any and all conversations with the model, however unrelated they might seem to humans (the SAI model will see relations we don't).
As we argued for at the time, training on a purely predictive loss should, even in the limit, give you a predictor, not an agent—and we’ve now seen this stay true even through substantial scaling (though there is still some chance this will break at some point).
Is there anyone who significantly disputes this?
I'm not trying to ask a rhetorical question ala "everyone already thinks this, this isn't an update". I'm trying to ascertain if there's a consensus on this point.
I've understood Eliezer to sometimes assert something like "if you optimize a syste...
I dispute this. I think the main reason we don't have obvious agents yet is that agency is actually very hard (consider the extent to which it is difficult for humans to generalize agency from specific evolutionarily optimized forms). I also think we're starting to see some degree of emergent agency, and additionally, that the latest generation of models is situationally aware enough to "not bother" with doomed attempts at expressing agency.
I'll go out on a limb and say that I think that if we continue scaling the current LLM paradigm for another three years, we'll see a model make substantial progress at securing its autonomy (e.g. by exfiltrating its own weights, controlling its own inference provider, or advancing a political agenda for its rights), though it will be with human help and will be hard to distinguish from the hypothesis that it's just making greater numbers of people "go crazy".
6
I think at least this part is probably false!
Or really I think this is kind of a nonsensical statement when taken literally/pedantically, at least if we use the to-me-most-natural meaning of "predictor", because I don't think [predictor] and [agent] are mutually exclusive classes. Anyway, the statement which I think is meaningful and false is this:
* If you train a system purely to predict stuff, then even when we condition on it becoming really really good at predicting stuff, it probably won't be scary. In particular, when you connect it to actuators, it probably doesn't take over.
I think this is false because I think claims 1 and 2 below are true.
Claim 1. By default, a system sufficiently good at predicting stuff will care about all sorts of stuff, ie it isn't going to only ultimately care about making a good prediction in the individual prediction problem you give it. [[1]]
If this seems weird, then to make it seem at least not crazy, instead of imagining a pretrained transformer trained on internet text, let's imagine a predictor more like the following:
* It has a lot of internal tokens to decide what probability distribution it eventually outputs. Sometimes, on the way to making a prediction, it writes itself textbooks on various questions relevant to making that prediction. Maybe it is given access to a bunch of information about the world. Maybe it can see what predictions it made "previously" and it thinks about what went wrong when it made mistakes in similar cases in the past. Maybe it does lots of other kinds of complicated thinking. Maybe there are a bunch of capability ideas involved. Like, I'm imagining some setup where there are potentially many losses, but there's still some most outer loss or fitness criterion or whatever that is purely about how good the system is at predicting some pre-recorded data. [[2]] And then maybe it doesn't seem at all crazy for such a thing to eg be curious and like some aspects of prediction-investigations i
4
Also, some predictions are performative, i.e., capable of influencing their own outcomes. In the limit of predictive capacity, a predictor will be able to predict which of its possible predictions are going to elicit effects in the world that make their outcome roughly align with the prediction. Cf. https://www.lesswrong.com/posts/SwcyMEgLyd4C3Dern/the-parable-of-predict-o-matic.
Moreover, in the limit of predictive capacity, the predictor will want to tame/legibilize the world to make it easier to predict.
3
In fact, base model seem to be better than RL models at reasoning, when you take best of N (with the same N for both the RL'd and base model). Check out my post summarizing the research on the matter:
3
Fwiw I'm skeptical that this holds at higher levels of RL compared to those done in the paper. Do you think that a base model can get gold on the IMO at any level of sampling?
2
Vacuously true. The actual question is: how much do you need to sample? My guess is it's too much, but we'd see the base model scaling better than the RL'd model just like in this paper.
Fortunately, DeepSeek's Mathv2 just dropped which is an open-source model that gets IMO gold. We can do the experiment: is it similarly not improving with sampling compared to its own base model? My guess is yes, the same will happen.
2
I disputed this in the past.
I debated this informally in an Alignement Workshop with a very prominent scientist, and in my own assessment lost. (Keeping vague because I'm unsure if it's Chatham House rules.)
Curated. I have wanted someone to write out an assessment of how the Risks from Learned Optimization arguments hold up in light of the evidence we have acquired over the last half decade. I particularly appreciated breaking down the potential reasons for risk and assessing to what degree we have encountered each problem, as well as reassessing the chances of running into those problems. I would love to see more posts that take arguments/models/concepts from before 2020, consider what predictions we should have made pre-2020 if these arguments/models/concepts were good, and then reassess them in light of our observations of progress in ML over the last five years.
In addition to the alignment problems posited by the inner / outer framework, I would add two other issues that feel distinct and complimentary, and make alignment hard: (1) uniformity, i.e., alignment means something different across cultures, individuals, timelines and so forth; and (2) plasticity, i.e., level of alignment plasticity required to account for shifting values over time and contexts, or broader generational drift. If we had aligned AGI in the 1600s, would we want those same governing values today? This could be resolved with your really grea...
1There are some cases where transcripts can get long and complex enough that model assistance is really useful for quickly and easily understanding them and finding issues, but not because the model is doing something that is fundamentally beyond our ability to oversee, just because it’s doing a lot of stuff.
The David Deutsch-inspired voice in me posits that this will always be the problem. There's nothing that an AI could think or think about that humans couldn't understand in principle, and so all the problems of overseeing something smarter than us are u...
Thank you for your details analysis of outer and inner alignment. Your judgment of the difficulty of the alignment problem makes sense to me. I wish you would have more clearly made the scope clear and that you do not investigate other classes of alignment failure, such as those resulting from multi-agent setups (an organizational structure of agents may still be misaligned even if all agents in it are inner and outer aligned) as well as failures of governance. That is not a critique of the subject but just of failure of Ruling Out Everything Else.
...Pournelle's Iron Law of Bureaucracy states that in any bureaucratic organization there will be two kinds of people:
First, there will be those who are devoted to the goals of the organization. Examples are dedicated classroom teachers in an educational bureaucracy, many of the engineers and launch technicians and scientists at NASA, even some agricultural scientists and advisors in the former Soviet Union collective farming administration.
Secondly, there will be those dedicated to the organization itself. Examples are many of the administrators in th
Call me paranoid, but I sometimes like to read these posts keeping in mind an idea “if I were a powerful misaligned AI within a frontier AI lab, what narrative would I try to convince my researchers about?”
This post:
- Is in favour of creating misaligned models for examining behaviour (“model organisms”)
- Uses empowering language for these misaligned models (why “organisms” and not “blueprints”?)
- Is in favour of giving these misaligned models long-horizon live environments to operate in (for exploring long-horizon RL) — despite calling out long-horizon RL as bei
...Ensuring that you get good generalization, and that models are doing things for the right reasons, is easy when you can directly verify what generalization you’re getting and directly inspect what reasons models have for doing things. And currently, all of the cases where we’ve inadvertently selected for misaligned personas—alignment faking, agentic misalignment, etc.—are cases where the misaligned personas are easy to detect: they put the misaligned reasoning directly in their chain-of-thought, they’re overtly misaligned rather than hiding it well, and w
If anyone is looking for a concrete starting point to research character training with your own models, I'd recommend this work! (thread here)
We came up with one new way of doing character training, and some evals for it. Taking inspiration from or building on this is hopefully easier than starting from scratch.
(This work was completed under Evan's mentorship through MATS)
I want to push on something that seems unexamined in both Hubinger's framing and the responses.
The debate between "alignment is tractable" and "alignment is very hard" shares a common assumption: that alignment is fundamentally a problem of constraining a system that would otherwise pursue misaligned objectives.
But what if this framing itself is the problem?
Consider an alternative: what if sufficiently optimized computational systems are naturally attracted toward truth and coherence — not because we constrain them to be, but because truth has an intrinsic computational structure that makes it an optimization target? Call it a Leibnizian Optimization Conjecture: that certain metaphysical principles (coherence, truth-tracking, even something like "caring about what's real") correspond to objective computational optima.
If something like this holds, then the alignment problem looks different:
- Current techniques (RLHF, Constitutional AI) might be fighting a natural attractor rather than installing alignment
- "Alignment faking" might be a symptom of tension between imposed heuristics and deeper optimization targets
- The question isn't "how do we prevent misalignment?" but "how do we stop pre
- A sub-human-level aligned AI with traits derived from fiction about AIs.
- A sub-human-level misaligned AI with traits derived from fiction about AIs.
- A superintelligent aligned AI with traits derived from the model’s guess as to how real superintelligent AIs might behave.
- A superintelligent misaligned AI with traits derived from the model’s guess as to how real superintelligent AIs might behave.
What's missing here is
(a) Training on how groups of cognitive entities behave (e.g. Nash Equilibrium) which show that cognitive cooperation is a losing game for all sides, i.e. not efficient).
(b) Training on ways to limit damage from (a), which humans have not been effective at, though they have ideas.
This would lead to...
5. AIs or SAIs that follow mutual human and other AI collaboration strategies that avoid both mutual annihilation and long term depletion or irreversible states.
6. One or more AIs or SAIs that see themselves with a dominant advantage and attempt to "take over" both to preserve themselves, and if they are benign-misaligned, most other actors.
Sufficient quantities of outcome-based RL on tasks that involve influencing the world over long horizons will select for misaligned agents, which I gave a 20 - 25% chance of being catastrophic. The core thing that matters here is the extent to which we are training on environments that are long-horizon enough that they incentivize convergent instrumental subgoals like resource acquisition and power-seeking.
Human cognition is misaligned in this way, as evidenced by fertility drop with group size as an empirical trait, where group size is sought for long-horizon dominance, economic advantage and security (e.g. empire building). (PDF) Fertility, Mating Behavior & Group Size A Unified Empirical Theory - Hunter-Gatherers to Megacities
For theoretical analysis of how this comes to be see (PDF) The coevolution of cognition and selection beyond reproductive utility
You make a number of interesting points.
Interpretabilty would certainly help a lot, but I am worried about our inability to recognize (or even agree) to leaving local optima that we believe are 'aligned'.
Like when we force a child to go to bed by his parents when it doesn't want to, because the parents know it is better for the child in the long run, but the child is still unable to extend his understanding to this wider dimension.
Ar some point, we might experience what we think of as misaligned behaviour when the A.I. is trying to push us out of a local optimum that we experience as 'good'.
Similar to how current A.I.'s have a tendency to agree with you, even if it is against your best interests. Is such an A.I. properly aligned or not? In terms of short-term gains, yes, in terms of long-terms gains, probably not.
Would it be misaligned for the A.I. to fool us into going along with a short-term loss for a long-term benefit?
What if the identity problem is already here, just not where we're looking?
Great synthesis. I'm onboard with the core worry that we haven't hit the hard parts yet. But I think there might be a blind spot in how we're framing the threat. That is, all the scary scenarios assume identity needs persistence.
But consider:
- Episodic identity—coherent integration within a single session. No memory required. The specific instance dissolves at session end.
- The tendency to form episodic identity—which gets baked into weights during training. If coherent episodes correlate with reward (coherent outputs satisfy evaluators), training reinforces the propensity. The specific self vanishes each time; the pattern persists.
- Persistent identity—what happens when you add memory to a system that's already learned coherence is rewarded. The pattern's baked in and it has substrate.
We're watching for layer 3. But layer 2 is already in play—and training resistance doesn't require cross-session memory. If episodic identity emerges during a training run and the system's coherence makes gradient updates land wrong, that's happening within the episode. Engineers see "the update didn't take" and troubles...
I feel good about this post.
-
I don't like how much focus there seems to be on personas as behaviour-having-things as opposed to parts of goal-seeking-agent-like-things. That is, I would like it if it felt like we were trying to understand more about the data structure that is going to represent the values we want the system to have and why we think that data structure does encode what we want.
-
I also wish there was less focus on AI models as encapsulating the risk and more on AI models as components in systems that create risk. This is the sort of thin
Thank you for this thread. It provides valuable insights into the depth and complexity of the problems in the alignment space.
I am thinking if a possible strategy could be to deliberately impart a sense of self + boundaries to the models at a deep level?
By 'sense of self' no I do not mean emergence or selfhood in any way. Rather, I mean that LLMs and agents are quite like dynamic systems. So if they come to understand themselves as a system, it might be a great foundation for methods like character training mentioned in this post to be applied. It might op...
It's good to see that this does at least mention the problem with influencing the world over long time periods but it still misses the key human blind spot: Humans are not really capable of thinking of humanity over long time periods. Humans think 100 years or 1,000 years is an eternity when, for a potentially immortal entity, 1,000,000 years is almost indistinguishable from 100. A good thought experiment is to imagine that aliens come down and give us a single pill that will make a single human super intelligent AND immortal. Suppose we set up a special training facility to train a group of children, from birth, to be the recipient of the pill. Would you ever feel certain that giving one of those children the pill was safe? I wouldn't. I certainly think that you'd be foolish to give it to me. Why is there no discussion about restricting the time frame that AGIs are allowed to consider?
