MadHatter

"We are computer scientists. We do not lack in faith." (Ketan Mulmuley)

Sequences

The Ethicophysics

Wiki Contributions

Comments

How to Train Your Shoggoth, Part 2

The Historical Teams Framework for Alignment Research

Eliezer Yudkowsky has famously advocated for embracing "security mindset" when thinking about AI safety. This is a mindset where you think about how to prevent things from going wrong, rather than how to make things go right. This seems obviously correct to me, so for the purposes of this post I'll just take this as a given.

But I think there's a piece missing from the AI Safety community's understanding of security mindset, that is a key part of the mindset that computer security researchers and practitioners use. This is the concept of "threat model", or "Mossad vs. not-Mossad". In computer security, it's important to specify the class of adversary you are trying to keep out, because different adversaries have different capabilities. For example, if you are trying to keep out a nation-state adversary, you need to worry about things like zero-day exploits, and you need to worry about physical security of your servers. If you are trying to keep out a script kiddie, you don't need to worry about zero-day exploits, and you don't need to worry about physical security of your servers. If you are trying to keep out a random person on the internet, you don't need to worry about zero-day exploits, and you don't need to worry about physical security of your servers, and you don't need to worry about them breaking into your office and stealing your hard drives.

In my experience, the AI Safety community typically thinks primarily about adversaries with completely unbounded capabilities. There's a good reason for this (there's probably not much of a ceiling on AI capabilities, so, for any level of capabilities, eventually we will be facing that level of threat), but it makes it very hard to do the sort of productive, incremental work that builds a research program and eventually a paradigm.

The Historical Lens

 

How would one address this? I think we need a simple, shared framework in which to specify what kind of adversary we are thinking about at any given moment, and I think we need to associate any particular project with some particular class or classes of adversary it is meant to contain, thwart, or otherwise deal with. I think this would help us to make progress on the problem of AI safety, and I think it would help us to communicate with each other about our work. I also think it would help alignment researchers not immediately burn out upon seriously considering the problem.

What should this framework look like? I've been thinking about this question for a while, and the best answer I've come up with is to specify a list of human beings from history, and then assume for the sake of theory that we're facing an AI that has the set of capabilities that list of human beings would have if they worked together in pure coordination, using all available modern knowledge.

Let's work through some examples here to get a sense of what I'm talking about. Let's take the question of boxing an AI. Now consider the adverary that is composed of just Napoleon Bonaparte. Napoleon was a very good general, and had the various skills that that implies. When he was finally defeated, they essentially tried to box him by exiling him to the island of Elba. He escaped, and caused more havoc, and then they exiled him to the island of St. Helena, which he did not escape from. In the framework I am proposing, this would be take as evidence that boxing an AI is very hard, and we will probably get it wrong the first time, but that for a fixed adversary, we may get it right on the second try, if we survive the failure of the first attempt. This is a slightly different conclusion than the one I think a lot of people in the alignment community would have on the question of boxing an AI, which is essentially that it's impossible and we shouldn't try.

This argument also feels much more grounded in reality and history than the typical alignment argument that I encounter. I think it is more likely to convince people who are not already convinced of the importance of AI safety. And I think it is just a much less painful and dangerous thought to hold in one's head than the sort of "how do I enslave a god who can read my mind" kind of thinking that trying to reason about unbounded adversaries tends to lead to.

Let's take another example. Let's say we're trying to figure out how to deal with deception in an AI. We could consider the adversary that is composed of Harry Houdini and Adolf Hitler. (Already we start to see that this framework is slightly weird and at times deeply offensive; one really can't imagine the historical Houdini having a productive working relationship with the historical Hitler.) Houdini was a very good magician, who devoted much of the later part of his life to exposing mediums and other frauds. He could do this well essentially because he knew all the tricks that the mediums might use. He could have easily set up shop as a medium himself if he had wanted to. Hitler, on the other hand, was a very convincing liar, and was able to convince a large number of people to do a bunch of very bad things, through a combination of threats of violence and "the big lie". Now the question becomes, how do you safely get productive work (say, writing a press release for a small business) out of the Houdini-Hitler mashup? I think it immediately become clear that this is quite a difficult task, and not really one that we have a good solution to. It's not the sort of thing you would assume that you will succeed at. Here I think we have just rederived the standard conclusion that deception is a hard problem, but we have done so in a way that is more grounded in reality and history, and that is less painful and dangerous to think about.

Now that we have a sense of what this framework looks like, let's try to do some productive work in it. Let's say we're trying to make progress on the deception problem. We could try to figure out what it would take to be able to trust a system that is primarily powered by Harry Houdini. Let's say we're trying to solve the standard ELK problem (the problem of keeping a diamond in a vault safe, when the diamond is protected by an AI that understands the construction and nature of the vault better than we do, and we rely on the AI to report on the state of the diamond). (This is a little bit of an abuse of the ELK framework, in that I think with ELK one usually is discussing a system that isn't actively adversarial.)

The only way I can remotely imagine not getting outsmarted by the Houdini AI is to have another Houdini that thinks at the same speed, who isn't in coordination with the fist Houdini. (Think of the historical Houdini outsmarting various mediums.) This is a classic approach to building AI alignment systems that I think is considered not very effective by a lot of alignment researchers, but I've always thought it was not given enough credit. RLHF, in some sense the established approach to prosaic AI alignment, takes this form.

The Simulation Lens

 

The other thing that makes alignment research difficult is that it's very hard to run experiments that give you useful information about how to align an AI. There are multiple reasons for this: the most powerful existing AI's are very difficult to work with (training them is complicated and expensive, and will likely remain so for the duration; getting their weights and activations is impossible for people outside the big labs).

So what would happen if we just took video games as our model of reality? Say, if we are trying to prevent a superintelligence from performing atrocities in reality, then try to get a superintelligence to avoid performing atrocities in Factorio. That sort of thing. This approach seems (to me at least) far more empirical and grounded than any approach to performing alignment research that I am aware of. It also has the advantage that the big AI labs could productively research it starting more than five years ago, because they already have.

How to Train Your Shoggoth, Part 1


What if Didactic Fiction is the Answer to Aligning Large Language Models?

This is a linkshortform for https://bittertruths.substack.com/p/how-to-train-your-shoggoth-part-1

Epistemic status: this sounds very much like an embarrassingly dumb take, but I haven't been able to convince myself that it is false, and indeed am somewhat convinced that it would at least help to align large language models (and other models that meaningfully incorporate them). So I'm writing at least partly to see if anyone has any fundamental objections to this idea.

The idea in a nutshell

 

We need to write a bunch of didactic fiction (which for this post we will define as teaching morality/alignment by scripting desired and possibly undesired responses to hypothetical situations) that is intended for AI consumption, that depicts our desired state of affairs. This fiction should describe a coherent (series of?) world(s) in which we could find ourselves, in which AI ranging from present-day reality to strong ASI is safely integrated into society. The purpose of this fiction is to be included in training data for large language models, and indeed the AI labs training large language models would be enabled and encouraged to do so.  (So stories would be open-source and freely downloadable, translated into all languages and formats used by AI's, etc.)

The goal of such an activity would be to provide meaningful characters for a large language model to inhabit / imitate / simulate. I will say more about this in the sections to come.

The fiction need not be any good as fiction for human consumption (although it would be interesting to read and to write, I think). We will describe various desiderata for what sort of fiction would be desired in the section "Implementation Details"; this is a complicated but actually fairly interesting question, in my opinion.

Some basic context

 

GPT-k for k <=3.5/4.0 and ChatGPT are next-token predictors based on a transformer architecture, possibly with retrieval augmentation. They are trained on a very large corpus of text, including most of the internet. (A good deal of the internet is presumably filtered away from them, though, because it is not high-enough quality. There is also potentially a large amount of proprietary data also going in.)

GPT-k is not a human-like intelligence, and should not be thought of as one. (Barring, I suppose, huge changes in its architecture for sufficiently large k.) It is really damn good at next-token prediction (better than humans at this fairly-unnatural-for-us task), and ChatGPT is semi-reasonable about answering large numbers of questions and prompts.

It's important to avoid anthropomorphization of these models, obviously. And there's a bunch of related failure modes in any project like this. For instance, fiction that imputes qualities or experiences to AI's that they do not have (e.g., an internal monologue that sounds particularly human) would be actively harmful, because repeating things like it would be actively misleading to people about how the AI works. And the whole point of this idea is to get the AI to repeat things or adapt them to new contexts in which it finds itself.

Implementation Details

 

First, what are our goals? We would like to instill various behaviors in the AI, but which behaviors? Some obvious clusters are the Helpful/Harmless/Honest description, not-saying-slurs, helping alignment research/development/maintenance/regulation(???), and generally being honest about its internal knowledge and capabilities. We need to give the large language model some sort of behavioral framework that will ensure our safety, and it seems like that includes it having to disclose (and possibly explain!) certain information that is relevant to our safety. 

Probably the predominant genre for such fiction initially would be a sort of variant on the epistolary novel, in which humans write into a chatbot or API and the model replies, but for various different counterfactual situations that the AI might find itself in. It is unclear to me whether a narrative would be desirable or even perceivable by the large language model being trained on the text.

Some techno-literary devices might be to provide custom embeddings of specific things, vector stores over certain texts, and knowledge graphs that run in parallel to the text of the novel. These might make the system relevant to other kinds of models. We could also provide custom reward labelings for different characters in the story, for training RLHF proxy models. This would be sort of equivalent to a Goofus-and-Gallant comic (or I suppose a Virgin-vs.-Chad meme for the younger folks).

Another interesting facet of this problems is the sort of social planning aspect. We need to build out the fiction to be somewhat consistent and we will want to build it significantly faster than we build out the intelligence that will be trained on it, given how fast progress can be in this field, and given that the data needs to exist potentially several months in advance of the model being ready. And yet we would like to build the fiction out slowly enough that we can have some sort of social process around what it should be like.

Very cool post! We need a theory of valence that is grounded in real neuroscience, since understanding valence is pretty much required for any alignment agenda that works the first time.

I have read the sequences. Not all of them, because, who has time. 

Here is a video of me reading the sequences (both Eliezer's and my own):

https://bittertruths.substack.com/p/semi-adequate-equilibria

Well what if he bets a significant amount of money at 2000:1 odds that the Pope will officially add his space Bible to the real Bible as a third Testament after the New Testament within the span of a year?

What if he records a video of himself doing Bible study? What if he offers to pay people their currently hourly rate to watch him do Bible study?

I guess the thrust of my questions here is, at what point do you feel that you become the dick for NOT helping him publish his own space Bible? At what point are you actively impeding new religious discoveries by failing to engage?

For real, literal Christianity, I think there's no amount of cajoling or argumentation that could lead a Christian to accept the new space Bible. For one thing, until the Pope signs off on it, they would no longer be Christian if they did.

Does rationalism aspire to be more than just another provably-false religion? What would ET Jaynes say about people who fail to update on new evidence?

Recorded a sort of video lecture here: https://open.substack.com/pub/bittertruths/p/semi-adequate-equilibria

Agree that it should be time-based rather than karma-based.

I'm currently on a very heavy rate limit that I think is being manually adjusted by the LessWrong team.

Is this clear enough:

I posit that the reason that humans are able to solve any coordination problems at all is that evolution has shaped us into game players that apply something vaguely like a tit-for-tat strategy meant to enforce convergence to a nearby Schelling Point / Nash Equilibrium, and to punish defectors from this Schelling Point / Nash Equilibrium. I invoke a novel mathematical formalization of Kant's Categorical Imperative as a potential basis for coordination towards a globally computable Schelling Point. I believe that this constitutes a promising approach to the alignment problem, as the mathematical formalization is both simple to implement and reasonably simple to measure deviations from. Using this formalization would therefore allow us both to prevent and detect misalignment in powerful AI systems. As a theory of change, I believe that applying RLHF to LLM's using a strong and consistent formalization of the Categorical Imperative is a plausible and reasonably direct route to good outcomes in the prosaic case of LLM's, and I believe that LLM's with more neuromorphic components added are a strong contender for a pathway to AGI.

My understanding of the current situation with me is that I am not in fact rate-limited purely by automatic processes currently, but rather by some sort of policy decision on the part of LessWrong's moderators.

Which is fine, I'll just continue to post my alignment research on my substack, and occasionally dump linkposts to them in my shortform, which the mods have allowed me continued access to.

https://github.com/epurdy/ethicophysics/blob/main/writeup1.pdf

Load More