Anthropic Gifts a Feeling of Safety: Insecurity Blooms This Holiday Season
December 25, 2024
Written by a dinobaby, not an over-achieving, unexplainable AI system.
TechCrunch published “Google Is Using Anthropic’s Claude to Improve Its Gemini AI.” The write up reports:
Contractors working to improve Google’s Gemini AI are comparing its answers against outputs produced by Anthropic’s competitor model Claude, according to internal correspondence seen by TechCrunch. Google would not say, when reached by TechCrunch for comment, if it had obtained permission for its use of Claude in testing against Gemini.
Beyond Search notes Pymnts.com report from February 5, 2023, that Google invested at that time $300 million in Anthropic. Beyond Search recalls a presentation at a law enforcement conference. One comment made by an attendee to me suggested that Google was well aware of Anthropic’s so-called constitutional AI. I am immune to AI and crypto babble, but I did chase down “constitutional AI” because the image the bound phrase sparked in my mind was that of the mess my French bulldog delivers when he has eaten spicy food.
The illustration comes from You.com. Kwanzaa was the magic word. Good enough.
The explanation consumes 34 pages of an ArXiv paper called “Constitutional AI: Harmlessness from AI Feedback.” The paper has more than 48 authors. (Headhunters, please, take note when you need to recruit AI wizards.) I read the paper, and I think — please, note, “think” — the main idea is:
Humans provides some input. Then the Anthropic system figures out how to achieve helpfulness and instruction-following without human feedback. And the “constitution”? Those are the human-created rules necessary to get the smart software rolling along. Presumably Anthropic’s algorithms ride without training wheels forevermore.
The CAI acronym has not caught on like the snappier RAG or “retrieval augmented generation” or the most spectacular jargon “synthetic data.” But obviously Google understands and values to the tune of hundreds of millions of dollars, staff time, and the attention of big Googler thinkers like Jeff Dean (who once was the Big Dog of AI) but has given way to the alpha dog at DeepMind).
The swizzle for this “testing” or whatever the Googlers are doing is “safety.” I know that when I ask for an image like “a high school teacher at the greenboard talking to students who are immersed in their mobile phones”, I am informed that the image is not safe. I assume Anthropic will make such crazy prohibitions slightly less incomprehensible. Well, maybe, maybe not.
Several observations are warranted:
- Google’s investment in Anthropic took place shortly after the Microsoft AI marketing coup in 2023. Perhaps someone knew that Google’s “we invented it” transformer technology was becoming a bit of a problem
- Despite the Google “we are the bestest” in AI technology, the company continues to feel the need to prove that it is the bestest. That’s good. Self- knowledge and defeating “not invented here” malaise are positives.
- DeepMind itself — although identified as the go-to place for the most bestest AI technology — may not be perceived as the outfit with the Holy Grail, the secret to eternal life, and the owner of most of the land on which the Seven Cities of Cibola are erected.
Net net: Lots of authors, Google testing itself, and a bit of Google’s inferiority complex — Quite a Kwanzaa gift.
Stephen E Arnold, December 25, 2024
FReE tHoSe smaRT SoFtWarEs!
December 25, 2024
No smart software involved. Just a dinobaby’s work.
Do you have the list of stop words you use in your NLP prompts? (If not, click here.) You are not happy when words on the list like “b*mb,” “terr*r funding,” and others do not return exactly what you are seeking? If you say, “Yes”, you will want to read “BEST-OF-N JAILBREAKING” by a Frisbee team complement of wizards; namely, John Hughes, Sara Price, Aengus Lynch, Rylan Schaeffer, Fazl Barez, Sanmi Koyejo, Henry Sleight, Erik Jones, Ethan Perez, and Mrinank Sharma. The people doing the heavy lifting were John Hughes (a consultant who does work for Speechmatics and Anthropic) and Mrinank Sharma (an Anthropic engineer involved in — wait for it — adversarial robustness).
The main point is that Anthropic linked wizards have figured out how to knock down the guard rails for smart software. And those stop words? Just whip up a snappy prompt, mix up the capital and lower case letters, and keep sending the query to a smart software. At some point, those capitalization and other fixes will cause the LLM to go your way. Want to whip up a surprise in your bathtub? LLMs will definitely help you out.
The paper has nifty charts and lots of academic hoo-hah. The key insight is what the many, many authors call “attack composition.” You will be able to get the how-to by reading the 73 page paper, probably a result of each author writing 10 pages in the hopes of landing an even more high paying, in demand gig.
Several observations:
- The idea that guard rails work is now called into question
- The disclosure of the method means that smart software will do whatever a clever bad actor wants
- The rush to AI is about market lock up, not the social benefit of the technology.
The new year will be interesting. The paper’s information is quite the holiday gift.
Stephen E Arnold, December 25, 2024
McKinsey Takes One for the Team
December 25, 2024
This blog post is the work of an authentic dinobaby. No smart software was used.
I read the “real” news in “McKinsey & Company to Pay $650 Million for Role in Opioid Crisis.” The write up asserts:
The global consulting firm McKinsey and Company Friday [December 13, 2024] agreed to pay $650 million to settle a federal probe into its role in helping “turbocharge” sales of the highly addictive opioid painkiller OxyContin for Purdue Pharma…
If I were still working at a big time blue chip consulting firm, I would suggest to the NPR outfit that its researchers should have:
- Estimated the fees billed for opioid-related consulting projects
- Pulled together the estimated number of deaths from illegal / quasi-legal opioid overdoses
- Calculated the revenue per death
- Calculated the cost per death
- Presented the delta between the two totals.
- Presented to aggregate revenue generated for McKinsey’s clients from opioid sales
- Estimated the amount spent to “educate” physicians about the merits of synthetic opioids.
Interviewing a couple of parents or surviving spouses from Indiana, Kentucky, or West Virginia would have added some local color. But assembling these data cannot be done with a TikTok query. Hence, the write up as it was presented.
Isn’t that efficiency of MBA think outstanding? I did like the Friday the 13th timing. A red ink Friday? Nope. The fine doesn’t do the job for big time Blue Chip consulting firms. Just like EU fines don’t deter the Big Tech outfits. Perhaps something with real consequences is needed? Who am I kidding?
Stephen E Arnold, December 25, 2024
The Future: State Control of Social Media Access, Some Hope
December 25, 2024
It’s great that parents are concerned for their children’s welfare, especially when there are clear and documented dangers. The Internet has been in concerned parents’ crosshairs since its proliferation. Back in the AOL days it was easier to monitor kids access, you simply didn’t allow them to log on and you reviewed their browser history. However, with the advent of mobile devices and the necessity of the Internet for everyday living, parents are baffled on how to control their children and so is the Australian government. In an extreme case, the Australian parents proposed a bill to ban kids under the age of sixteen from using social media. The Senior relates how they are winning the battle: “Parents To Lose Final Say In Social Media Ban For Kids.”
The proposed bill is from Prime Minister Anthony Albanese’s administration and it plans to ban all kids under the age of sixteen from any and other social media platforms. Parents are taken out of the equation entirely. Parents will not be allowed to consent and many see it as a violation of their civil and parental rights.
The bill hasn’t been drafted yet and probably won’t be in 2024. It is believed that the first legislation on the bill will be in 2025 and will slowly work its way through the Australian parliament. The blanket ban would also not require age verification:
“Asked if parents would be allowed to consent to their children being on social media at a younger age, Communications Minister Michelle Rowland told Labor’s party room meeting “no”. She said people using social media would not have to upload proof of identity directly to those platforms, when minimum age requirements kick in. ‘The opposition is the only party arguing that people should upload 100 points of ID and give it to TikTok,’ she told the meeting. The government wants 12 months of consultation to figure out exactly how the ban will be enforced.”
Australia doesn’t have faith in parents’ efforts to regulate their kids on social media, so the government is acting in the kids’ best interests. It does sound like the government is overstepping, but social media experts and mental health professionals have documented the potential and real harm of social media on kids. Many parents also don’t monitor and discipline their children’s Internet usage habits. Is this an overstep by the government? No, just a first step.
Whitney Grace, December 25, 2024
VoIP in Russia, Nyet. Telegram Voice, Nyet. Just Not Yet
December 24, 2024
Written by a dinobaby, not an over-achieving, unexplainable AI system.
PCNews.ru in everyone’s favorite special operations center reported that Roskomnadzor (a blend of the FBC and a couple of US three letter agencies) has a New Year’s surprise coming. (Xmas in Russia is often celebrated on January 7, 2024.) The short write up reported to me in English via the still semi reliable Google Translate that calls within “messenger apps” are often fraudulent. I am not sure this is a correct rendering of the Russian word. One of my colleagues suggested that this is a way to say, “Easily intercepted and logged by Roskomnadzor professionals.”
Among the main points in the article are:
- The target is voice traffic not routed via Roskomnadzor
- Communication operators — that is, Internet providers, data centers, etc. — are likely to be required to block such traffic with endpoints in Russia
- As part of the “blocks,” Roskomnadzor wants to identify or have identified for the entity such functions as “identifying illegal call centers (including those using SIM boxes) on their networks.”
The purpose is to protect Russian “consumers.” The source cited above included an interesting factoid. YouTube traffic, which has been subject to “blocks” has experienced a decrease in traffic of 80 percent.
Not bad but a 20 percent flow illustrates that Roskomnadzor has been unable to achieve its total ban. I wonder if this 80 percent is “good enough” for Roskomnadzor and for the fearless head of state who dictates in Russia.
Stephen E Arnold, December 24, 2024
Petrogenesis Means New Life for Xerox and Lexmark
December 24, 2024
Written by a dinobaby, not an over-achieving, unexplainable AI system.
I read about Xerox’s bold move to purchase Lexmark. I live in Kentucky, and some remember the days when IBM sought to create a brand called “Lexmark.” One of its Kentucky-proud units was located in Lexington, Kentucky. Unfortunately printers performed in market competitions about as well as most of the horses bred in Kentucky to win big money in races. Lexmark stumbled, but was not put down. Wikipedia has an amusing summary of the trajectory of Lexmark, originally part of IBM. That’s when the fun began.
The process of fossilmorphism begins. Will the progeny become King of the Printing Jungle? Does this young velociraptor find the snorting beasts amusing or the source of a consulting snack? Thanks, You.com. Good enough.
Xerox, on the other hand, is another Rochester, New York, business case study. (The other is Kodak, of digital camera fame.) Again Wikipedia has a good basic description without the color of the company’s most interesting missteps. (Did you know that one of Xerox’s most successful sales professionals was a fisherman. That’s is. Boat to big bucks without any of the Fancy Dan stuff in college.) Oh, Xerox made printers, and I was a dinobaby who worked on a printer that ingested scanned images or typed pages at one end and spit out collated paper copies at the other. Yep, a printer.
What has caused this dinobaby to stumble down memory lane? I read “Xerox to Acquire Lexmark.” Yep, Xerox a printer outfit has acquired what was once an IBM printer outfit. I call this type of business tactic
Fossilmorphism
A coinage! It meaning is that two fossil type companies fuse and create a new company. The idea is that the deal has “synergy” and the flows of cash from surging sales with lead to dinomorphism. This term suggests that companies only a dinobaby like me can love change and explode beyond their decades of organization and re-organization, might-have-been thinking, and the constraints of tromping around when this dinobaby was an agile velociraptor.
The deal raises an existential question: Are two dinosaurs able to mate? Will the offspring be a Darwinian win or fail? Every horse owner knows their foal is a winner. (Horse veterinarians are the big winners, according to Kentucky lore.)
Stephen E Arnold, December 24, 2024
FOGINT: TOMA Abandoning Telegram in Sharp U Turn
December 24, 2024
Observations from the FOGINT research team.
Pressure is building on Telegram’s vision for Messenger to become the hub for game crypto currency. Bitnewsbot published allegedly accurate information in “Popular Telegram Game Tomarket Ditches TON, Picks Aptos for Token Launch.” The article asserts:
Telegram-based gaming platform Tomarket announced it will launch its TOMA token on the Aptos blockchain network, abandoning initial plans to deploy on The Open Network (TON). The decision affects millions of users ahead of the December 20 token launch, marking a significant shift in the Telegram mini-app ecosystem.
One of the reasons given for the switch, according to Bitnewsbot, is the “speed and infrastructure capabilities” of Aptos’s blockchain network. The article continues:
The decision stands out as most Telegram-based cryptocurrency applications, including prominent names like Hamster Kombat and Notcoin, typically deploy on TON. The TON blockchain has seen substantial growth, currently ranking as the 16th largest cryptocurrency by market capitalization, according to CoinGecko with, a price increase of approximately 190% over the past year.
The online information service Decrypt.io adds some additional information which suggests that the Telegram infrastructure is not as supple as the Aptos offering; specifically:
Tomarket has handed out allocations of tokens across multiple airdrop waves, but players have been unable to withdraw or trade the token. The app’s developers previously said that the TOMA token was generated, but clarified afterwards that the term was used to describe token allocations within the app. And now, Tomarket won’t ultimately deploy to TON.
Decrypt.io reports:
Tomarket isn’t the first game to choose an alternative path, however: tap-to-earn combat game MemeFi recently launched its token on Sui, after pivoting from its original chain of Ethereum layer-2 network Linea.
The FOGINT team thinks that this Tonmarket abrupt change of direction may increase the pressure on Telegram at a time the organization is trying to wriggle free from the French red tape ensnaring Pavel Durov. Mr. Durov is on a legal tightrope. Defections like Tonmarket may spark some unpredictable actions by the Telegram collections of “organizations.”
Stephen E Arnold, December 24, 2024
Agentic Babies for 2025?
December 24, 2024
Are the days of large language models numbered? Yes, according to the CEO and co-founder of Salesforce. Finance site Benzinga shares, “Marc Benioff Says Future of AI Not in Bots Like ChatGPT But In Autonomous Agents.” Writer Ananya Gairola points to a recent Wall Street Journal podcast in which Benioff shared his thoughts:
“He stated that the next phase of AI development will focus on autonomous agents, which can perform tasks independently, rather than relying on LLMs to drive advancements. He argued that while AI tools like ChatGPT have received significant attention, the real potential lies in agents. ‘Has the AI taken over? No. Has AI cured cancer? No. Is AI curing climate change? No. So we have to keep things in perspective here,’ he stated. Salesforce provides both prebuilt and customizable AI agents for businesses looking to automate customer service functions. ‘But we are not at that moment that we’ve seen in these crazy movies — and maybe we will be one day, but that is not where we are today,’ Benioff stated during the podcast.”
Someday, he says. But it would seem the race is on. Gairola notes OpenAI is poised to launch its own autonomous AI agent in January. Will that company dominate the autonomous AI field, as it has with generative AI? Will the new bots come equipped with bias and hallucinations? Stay tuned.
Cynthia Murrell, December 24, 2024
FOGINT: Telegram Gets Some Lipstick to Put on a Very Dangerous Pig
December 23, 2024
Information from the FOGINT research team.
We noted the New York Times article “Under Pressure, Telegram Turns a Profit for the First Time.” The write up reported on December 23, 2024:
Now Telegram is out to show it has found its financial footing so it can move past its legal and regulatory woes, stay independent and eventually hold an initial public offering. It has expanded its content moderation efforts, with more than 750 contractors who police content. It has introduced advertising, subscriptions and video services. And it has used cryptocurrency to pay down its debt and shore up its finances. The result: Telegram is set to be profitable this year for the first time, according to a person with knowledge of the finances who declined to be identified discussing internal figures. Revenue is on track to surpass $1 billion, up from nearly $350 million last year, the person said. Telegram also has about $500 million in cash reserves, not including crypto assets.
The FOGINT’s team viewpoint is different.
- Telegram took profit on its crypto holdings and pumped that money into its financials. Like magic, Telegram will be profitable.
- The arrest of Mr. Durov has forced the company’s hand, and it is moving forward at warp speed to become the hub for a specific category of crypto transactions.
- The French have thrown a monkey wrench into Telegram’s and its associated organizations’ plans for 2025. The manic push to train developers to create click-to-earn games, use the Telegram smart contracts, and ink deals with some very interesting partners illustrates that 2025 may be a turning point in the organizations’ business practices.
The French are moving at the speed of a finely tuned bureaucracy, and it is unlikely that Mr. Durov will shake free of the pressure to deliver names, mobile numbers, and messages of individuals and groups of interest to French authorities.
The New York Times write up references profitability. There are more gears engaging than putting lipstick on a financial report. A cornered Pavel Durov can be a dangerous 40 year old with money, links to interesting countries, and a desire to create an alternative to the traditional and regulated financial system.
Stephen E Arnold, December 23, 2024
AI Makes Stuff Up and Lies. This Is New Information?
December 23, 2024
The blog post is the work of a dinobaby, not AI.
I spotted “Alignment Faking in Large Language Models.” My initial reaction was, “This is new information?” and “Have the authors forgotten about hallucination?” The original article from Anthropic sparked another essay. This one appeared in Time Magazine (online version). Time’s article was titled “Exclusive: New Research Shows AI Strategically Lying.” I like the “strategically lying,” which implies that there is some intent behind the prevarication. Since smart software reflects its developers use of fancy math and the numerous knobs and levers those developers can adjust at the same time the model is gobbling up information and “learning”, the notion of “strategically lying” struck me as as interesting.
Thanks MidJourney. Good enough.
What strategy is implemented? Who thought up the strategy? Is the strategy working? were the questions which occurred to me. The Time essay said:
experiments jointly carried out by the AI company Anthropic and the nonprofit Redwood Research, shows a version of Anthropic’s model, Claude, strategically misleading its creators during the training process in order to avoid being modified.
This suggests that the people assembling the algorithms and training data, configuring the system, twiddling the administrative settings, and doing technical manipulations were not imposing a strategy. The smart software was cooking up a strategy. Who will say that the software is alive and then, like the former Google engineer, express a belief that the system is alive. It’s sci-fi time I suppose.
The write up pointed out:
Researchers also found evidence that suggests the capacity of AIs to deceive their human creators increases as they become more powerful.
That is an interesting idea. Pumping more compute and data into a model gives it a greater capacity to manipulate its outputs to fool humans who are eager to grab something that promises to make life easier and the user smarter. If data about the US education system’s efficacy are accurate, Americans are not doing too well in the reading, writing, and arithmetic departments. Therefore, discerning strategic lies might be difficult.
The essay concluded:
What Anthropic’s experiments seem to show is that reinforcement learning is insufficient as a technique for creating reliably safe models, especially as those models get more advanced. Which is a big problem, because it’s the most effective and widely-used alignment technique that we currently have.
What’s this “seem.” The actual output of large language models using transformer methods crafted by Google output baloney some of the time. Google itself had to regroup after the “glue cheese to pizza” suggestion.
Several observations:
- Smart software has become the technology more important than any other. The problem is that its outputs are often wonky and now the systems are befuddling the wizards who created and operate them. What if AI is like a carnival ride that routinely injures those looking for kicks?
- AI is finding its way into many applications but the resulting revenue has frayed some investors’ nerves. The fix is to go faster and win to reach the revenue goal. This frenzy for payoff has been building since early 2024 but those costs remain brutally high.
- The behavior of large language models is not understood by some of its developers. Does this seem like a problem?
Net net: “Seem?” One lies or one does not.
Stephen E Arnold, December 23, 2024
-
- Subscribe to Beyond Search
Feature archive
News archive
-
