HackerTrans
トップ新着トレンドコメント過去質問紹介求人

Cynddl

1,303 カルマ登録 13 年前

投稿

Hijacking Defensive Cyber AI Agents for Remote Code Execution

ainowinstitute.org
2 ポイント·投稿者 Cynddl·一昨日·0 コメント

Our evaluation of OpenAI's GPT-5.5 cyber capabilities

aisi.gov.uk
2 ポイント·投稿者 Cynddl·2 か月前·0 コメント

Making AI chatbots friendly leads to mistakes and support of conspiracy theories

theguardian.com
93 ポイント·投稿者 Cynddl·2 か月前·80 コメント

UK Biobank health data keeps ending up on GitHub

biobank.rocher.lc
197 ポイント·投稿者 Cynddl·3 か月前·57 コメント

[untitled]

2 ポイント·投稿者 Cynddl·3 か月前·0 コメント

ChatGPT Edu feature reveals researchers' project metadata across universities

fastcompany.com
2 ポイント·投稿者 Cynddl·4 か月前·0 コメント

AI no better than other methods for patients seeking medical advice, study shows

reuters.com
3 ポイント·投稿者 Cynddl·5 か月前·0 コメント

AI chatbots pose 'dangerous' risk when giving medical advice, study suggests

bbc.co.uk
4 ポイント·投稿者 Cynddl·5 か月前·2 コメント

Show HN: Small, anonymous app for teams to do retrospective sessions

retrospective.rocher.lc
1 ポイント·投稿者 Cynddl·5 か月前·0 コメント

Measuring What Matters: Construct Validity in Large Language Model Benchmarks

arxiv.org
1 ポイント·投稿者 Cynddl·8 か月前·0 コメント

AI Capabilities May Be Overhyped on Bogus Benchmarks, Study Finds

gizmodo.com
43 ポイント·投稿者 Cynddl·8 か月前·17 コメント

AI's capabilities may be exaggerated by flawed tests, according to new study

nbcnews.com
3 ポイント·投稿者 Cynddl·8 か月前·0 コメント

Experts find flaws in tests that check AI safety and effectiveness

theguardian.com
3 ポイント·投稿者 Cynddl·8 か月前·0 コメント

Measuring What Matters: Construct Validity in Large Language Model Benchmarks

oxrml.com
3 ポイント·投稿者 Cynddl·8 か月前·2 コメント

コメント

Cynddl
·18 日前·議論
If you look at the bottom of the page, you’ll find guidelines that mention which content is welcomed: “Anything that good hackers would find interesting. That includes more than hacking and startups. If you had to reduce it to a sentence, the answer might be: anything that gratifies one's intellectual curiosity.”

That said, I find this particularly of interest here given the growing attention to the use of algorithms and AI (including generative AI) for surveillance and targeting of palestinians.
Cynddl
·2 か月前·議論
Hi all, co-author here! Happy to answer any questions about our work.
Cynddl
·2 か月前·議論
(Title edited, was slightly too long)
Cynddl
·2 か月前·議論
This sounds super interesting and relevant. I run a small cluster with H100s (often research projects with vLLM) and being able to see not just usage but efficiency would be great.

I don't fully get the 100% utilisation vs. 1-10% real compute. Given you rely on telemetry from users to add new models, are you trying to predict how fast a model should be on vLLM, compared to how it runs in practice? What if users tweak some hyperparameters?
Cynddl
·3 か月前·議論
It's not a zero-sum game, you can both protect people and reap the benefits of health data. Many countries have much safer approaches. UK Biobank typically leads with the scale of the data, but not with its infrastructure.
Cynddl
·3 か月前·議論
That's a very important point. The people who opt out first are typically not a random fraction of the population, and this makes it much harder to make any analyses with the resulting datasets: it gets very hard to know if your analyses are representative of the population, or not.
Cynddl
·3 か月前·議論
Good catch! The data is everywhere, re-uploaded every week.

I am aware of ~30 repositories that UK Biobank has asked GitHub to delete, and can still be found elsewhere online. They know the site, they have managed to delete data from that site before, and yet the files are still there.
Cynddl
·3 か月前·議論
You mean giving anyone access to the data? Or open sourcing the code? If the latter, I think that's a generally a good practice. Security through obscurity is never good for public infrastructure. In this case, UK Biobank has now switched to a remote access platform (not particularly secure, as the data was found for sale on Alibaba today), but contracting it to DNAnexus and Amazon. Private companies have no incentives to open source data, unless mandated to do so.

In the EU, there is a bigger interest in building scalable but also secure platforms for health data. Hopefully good innovation will come from there.
Cynddl
·3 か月前·議論
They may have been leaked up to 197 times: https://biobank.rocher.lc/
Cynddl
·3 か月前·議論
yes, there’s an active area of research on web fingerprint, both attacks and defences. Look at conferences like PETS for instance
Cynddl
·3 か月前·議論
Is it me or they very carefully do not report performance on GPT-5.4 Pro, only the default GPT-5.4? They also very carefully left Anthropic models out of their comparison.

I went back to the BixBench benchmark which they mentioned. I couldn't find official results for Anthropic models, but I found a project taking Opus 4.6 from 65.3% to 92.0% (which would be above GPT-Rosalind) with nearly 200 carefully crafted skills [1]. There also appears to be competitive competitor models with scores on par with this tuned GPT.

[1] https://github.com/jaechang-hits/SciAgent-Skills
Cynddl
·3 か月前·議論
> Each case runs three agents: a Curator reads the advisory and builds an answer key, a Finder (the model under test) gets 24 shell steps to explore the code and write a structured report, and a Judge scores the blinded submission. The Finder never sees the patch. It starts from sink hints and must trace the bug through actual code.

Curator, answer key, Finder, shell steps, structured report, sink hints… I understand nothing. Did you use an LLM to generate this HN submission?

It looks like a standard LLM-as-a-judge approach. Do you manually validate or verify some of the results? Done poorly, the results can be very noisy and meaningless.
Cynddl
·3 か月前·議論
Once again an evaluation missing confidence intervals. “continued improvement” and “significant improvement” but without any significance testing is moot.

With many colleagues (including from AISI themselves!), we recently reviewed 445 the AI benchmarks & evaluations from the past few years. Our work was published at NeurIPS (https://openreview.net/pdf?id=mdA5lVvNcU) and we made eight recommendations for better evaluations. One is “use statistical methods to compare models”:

□ Report the benchmark’s sample size and justify its statistical power

□ Report uncertainty estimates for all primary scores to enable robust model comparisons

□ If using human raters, describe their demographics and mitigate potential demographic biases in rater recruitment and instructions

□ Use metrics that capture the inherent variability of any subjective labels, without relying on single-point aggregation or exact matching.

I would strongly recommend taking these blog posts with a grain of salt, as there is very little that can be learned without proper evaluations.
Cynddl
·3 か月前·議論
> "Unavailable Due to the UK Online Safety Act"

Anyone outside the UK can share what this is about?
Cynddl
·3 か月前·議論
> “These are not isolated incidents. They are symptoms of a systemic problem: the benchmarks we rely on to measure AI capability are themselves vulnerable to the very capabilities they claim to measure.”

As a researcher in the same field, hard to trust other researchers who put out webpages that appear to be entirely AI-generated. I appreciate it takes time to write a blog post after doing a paper, but sometimes I'd prefer just a link to the paper.
Cynddl
·5 か月前·議論
Link to the study: https://www.nature.com/articles/s41591-025-04074-y

Co-author here and happy to answer questions!
Cynddl
·5 か月前·議論
Have you tried https://huetone.ardov.me/? Multiple color scales, P3, export to CSS and figma, as well as APCA & WCAG for accessibility.
Cynddl
·8 か月前·議論
Looks like a new model trained to be warmer and friendlier to users. Time to reshare our work: https://arxiv.org/html/2507.21919

> Artificial intelligence (AI) developers are increasingly building language models with warm and empathetic personas that millions of people now use for advice, therapy, and companionship. Here, we show how this creates a significant trade-off: optimizing language models for warmth undermines their reliability, especially when users express vulnerability. We conducted controlled experiments on five language models of varying sizes and architectures, training them to produce warmer, more empathetic responses, then evaluating them on safety-critical tasks. Warm models showed substantially higher error rates (+10 to +30 percentage points) than their original counterparts, promoting conspiracy theories, providing incorrect factual information, and offering problematic medical advice. They were also significantly more likely to validate incorrect user beliefs, particularly when user messages expressed sadness. Importantly, these effects were consistent across different model architectures, and occurred despite preserved performance on standard benchmarks, revealing systematic risks that current evaluation practices may fail to detect. As human-like AI systems are deployed at an unprecedented scale, our findings indicate a need to rethink how we develop and oversee these systems that are reshaping human relationships and social interaction.
Cynddl
·10 か月前·議論
Anyone knows what Mojo is doing that Julia cannot do? I appreciate that Julia is currently limited by its ecosystem (although it does interface nicely with Python), but I don't see how Mojo is any better then.