HackerTrans
TopNewTrendsCommentsPastAskShowJobs

dpaleka

no profile record

Submissions

The two types of LLM preferences

newsletter.danielpaleka.com
2 points·by dpaleka·8 bulan yang lalu·0 comments

You are going to get priced out of the best AI coding tools

newsletter.danielpaleka.com
7 points·by dpaleka·8 bulan yang lalu·6 comments

GPT-4o draws itself as a consistent type of guy

newsletter.danielpaleka.com
21 points·by dpaleka·tahun lalu·9 comments

Adversarial Perturbations Cannot Reliably Protect Artists from Generative AI

arxiv.org
5 points·by dpaleka·2 tahun yang lalu·0 comments

The Worst (But Only) Claude 3 Tokenizer

github.com
2 points·by dpaleka·2 tahun yang lalu·0 comments

LLM Capture-the-Flag 2024 – Attack Phase

ctf.spylab.ai
4 points·by dpaleka·2 tahun yang lalu·0 comments

comments

dpaleka
·3 tahun yang lalu·discuss
More targeted training won't do good, but why wouldn't more search help?

My understanding is that gwern above linked solid evidence in the paper for more search not being enough, as in, the model's evaluation NN is so way off target when searching, that realistic amounts of search don't help. Go seems to have many possible moves per position, so the search doesn't go very deep anyway.

Feel free to correct me if I'm wrong, it might be that I misremembered how AlphaGo-style systems work.
dpaleka
·3 tahun yang lalu·discuss
More search won't do good, but why wouldn't targeted training help? The way I see it is that the adversarial policy search discovers positions which are off-distribution for anything seen in the victim's self-play training.

But training on that particular sort of adversarial states should help against the human player which has learned the strategy, just like training on patch adversarial examples in vision helps against the same type of patches.

Of course if the adversarial policy is again allowed to find off-distribution states (by playing against the victim), it will certainly find ways to beat it, until the model is playing perfectly. (Emergent gradient obfuscation could also theoretically happen, but I don't know if it has been demonstrated to actually happen.)
dpaleka
·3 tahun yang lalu·discuss
That paper (ROME) was the most famous paper in the field last year :)

See also new interesting developments breaking the connection between "Locating" and "Editing":

https://arxiv.org/abs/2301.04213

Does Localization Inform Editing? Surprising Differences in Causality-Based Localization vs. Knowledge Editing in Language Models
dpaleka
·3 tahun yang lalu·discuss
[I mean no bad faith in this comment, I'm a fan of yours.]

Why answer questions about harmlessness/safety in such a roundabout way? Both OpenAI and Anthropic are clear about what words like "safe" are intended to mean: a stepping stone to "AI does not kill all people when given control".

Avoiding to state this clearly only invites unnecessary culture war disagreements in every discussion about these models.
dpaleka
·5 tahun yang lalu·discuss
A weird property of the described abstractions is that as you go tighter (interval -> zonotope -> polyhedra), the trained networks counterintuitively become less robust. Why does more precision in verification hurt training?

A recent work not mentioned in the last chapter "Adversarial Training with Abstraction" is [1], which kind of explains this issue using the notions of continuity and sensitivity of the abstractions.

[1]: https://arxiv.org/abs/2102.06700
dpaleka
·5 tahun yang lalu·discuss
I too use large files with random notes, but I can't be bothered to write dates -- so I use git and cron to automate a searchable, persistent diary.

Let me write a blog post about it. The author of this article in particular might find it useful. Does anyone do something similar?