Verification seems like a strictly simpler problem. If we can't prove properties for a web server, how are we going to do anything about a completely unspecified AI?
The AI take over scenarios I've head almost always involve some kind of hacking, because today hacking is easy. I don't see why that would necessarily be the case a decade from now. We could prove some operating system security guarantees for instance.
Thanks for doing this. A lack of self criticism about AI risk is one of the reasons I don't take it too seriously.
I generally agree with http://su3su2u1.tumblr.com/ , but it may not be organized enough to be helpful.
As for MIRI specifically, I think you'd be much better served by mainstream software verification and cryptography research. I've never seen anyone address why that is not the case.
I have a bunch of disorganized notes about why I'm not convinced of AI risk, if you're interested I could share more.
I would be somewhat more convinced that MIRI was up to it's mission if they could contribute to much simpler problems in prerequisite fields.