AI ALIGNMENT FORUM
AF

AI Alignment Forum

Refusal in LLMs is mediated by a single direction

This is probably one of the most influential papers that I've supervised, and my most cited MATS paper (400+ citations). * For a period, a common answers when I asked people what got them into mechanistic interpretability was this paper. * I often meet people who incorrectly think that this paper introduced the technique of steering vectors. * This inspired at least some research within all of the frontier labs * There have been a bunch of follow on papers, one of my favourites was this Meta paper on guarding against the technique * The technique has been widely used in open source circles. There are about 5,000 models on Hugging Face with "abliterated" in the name (an adaptation of our technique that really took off), three have 100K+ downloads I find this all very interesting and surprising. This was originally a project on trying to understand the circuit behind refusal, and this was a fallback idea that Andy came up with using some of his partial results to jailbreak a model. Even at the time, I basically considered it standard wisdom that X is a single direction was true for most concepts X. So I didn't think the paper was that big a deal. I was wrong! So, what to make of all this? Part of the lesson is the importance of finding a compelling application. This paper is now one of my favourite short examples of how interpretability is real: it's an interesting, hard to fake thing that is straightforward to achieve with interpretability techniques. My guess is that this was a large part in capturing people's imaginations. And many people had not come across the idea that concepts are often single directions. This was a very compelling demonstration, and we thus accidentally claimed some credit for that broad finding. I don't think this was a big influence on my shift to caring about pragmatic interpretability, but definitely aligns with that. Was this net good to publish? This was something we discussed somewhat at the time. I basically thought this was clearly fine on the grounds that it was already well known that you could cheaply fine-tune a model to be jailbroken, so anyone who actually cared would just do that. And for open source models, you only need one person who actually cares for people to use it. I was wrong on that one - there was real demand! My guess is that the key thing is that this is easier and cheaper to do than finetuning, along with some other people making good libraries and tutorials for it. Especially in low resource open source circles this is very important. But I do think that jailbroken open models would have been available either way, and this hasn't really made a big difference on that front. I hoped it would make people more aware of the fragility of open source safeguards - it probably did help, but idk if that led to any change. My guess is that all of these impacts aren't that significant, and the impact on the research field dominates.

Neel Nanda7d100

Connecting the Dots: LLMs can Infer & Verbalize Latent Structure from Training Data

Out-of-context reasoning, the phenomenon where models can learn much more general, unifying structure when fine-tuned on something fairly specific, was a pretty important update to my mental model of how neural networks work. This paper wasn't the first, but it was one of the more clean and compelling early examples (though emergent misalignment is now the most famous). After staring at it for a while, I now feel less surprised by out-of-context reasoning. Mechanistically, there's no reason the model couldn't learn the generalizing solution. And on a task like this, the generalizing solution is just simpler and more efficient, and there's gradient signal for it (at least if there's a linear representation), so it's natural to learn it. But it's easy to say something's obvious in hindsight. I would not have predicted this, and it has improved my mental model of neural networks. I think this is important and valuable!

Neel Nanda7d90

An Extremely Opinionated Annotated List of My Favourite Mechanistic Interpretability Papers v2

I feel pretty great about this post. It likely took five to ten hours of my time, and I think it has been useful to a lot of people. I have pointed many people to this post since writing it, and I imagine many other newcomers to the field have read it. I generally think there is a gap where experienced researchers can use their accumulated knowledge to create field-building materials fairly easily that are extremely useful to newcomers to the field, but don't (typically because they're busy - see how I haven't updated this yet). I'd love to see more people making stuff like this! Stylistically, I like that this was opinionated. I wasn't just trying to survey all of the papers, which I think is often not that helpful because lots of papers are not worth reading. Instead, I was editorializing and trying to give summaries, context, and highlight key parts and how to think about the papers, all of which I think make this a more useful guide to newcomers. One of the annoying things is that posts like this get out of date fairly quickly. This one direly needs an update, both since there has been a year and a half of progress and since my thoughts on interpretability have moved on a reasonable amount since I wrote it. But I think that even getting about a year of use out of this is a solid use of time.

Recent Discussion

Thomas Kwa's Shortform

Thomas Kwa

43Thomas Kwa5d

Reasons time horizon is overrated and misinterpreted: In the 9 months since the METR time horizon paper (during which AI time horizons have increased by ~6x), it’s generated lots of attention as well as various criticism on LW and elsewhere. As one of the main authors, I think much of the criticism is a valid response to misinterpretations, and want to list my beliefs about limitations of our methodology and time horizon more broadly. This is not a complete list, but rather whatever I thought of in a few hours. * Time horizon is not the length of time AIs can work independently * Rather, it’s the amount of serial human labor they can replace with a 50% success rate. When AIs solve tasks they’re usually much faster than humans. * Time horizon is not precise * When METR says “Claude Opus 4.5 has a 50%-time horizon of around 4 hrs 49 mins (95% confidence interval of 1 hr 49 mins to 20 hrs 25 mins)”, we mean those error bars. They were generated via bootstrapping, so if we randomly subsample harder tasks our code would spit out <1h49m 2.5% of the time. I really have no idea whether Claude’s “true” time horizon is 3.5h or 6.5h. * Error bars have historically been a factor of ~2 in each direction, worse with current models like Opus 4.5 as our benchmark begins to saturate. * Because model performance is correlated, error bars for relative comparisons between models are a bit smaller. But it still makes little sense to care about whether a model is just below frontier, 10% above the previous best model, or 20% above. * Time horizon differs between domains by orders of magnitude * The original paper measured it on mostly software and research tasks. Applying the same methodology in a follow-up found that time horizons are fairly similar for math, but 40-100x lower for visual computer use tasks, due to eg poor perception. * Claude 4.5 Sonnet’s real-world coffee-making time horizon is only ~2 minutes * Time horizon does not apply to every task distribu

4Daniel Kokotajlo3d

I basically agree with everything you say here and wish we had a better way to try to ground AGI timelines forecasts. Do you recommend any other method? E.g. extrapolating revenue? Just thinking through arguments about whether the current paradigm will work, and then using intuition to make the final call? We discuss some methods that appeal to us here. Note that we allow it to go subexponential, so actually it can change the date arbitrarily far in the future if you really want it to. Also, dunno what's happening with Eli's parameters, but with my parameter settings putting the doubling difficulty growth factor to 1 (i.e. pure exponential trend, neither super or sub exponential) gets to AC in 2035. (Though I don't think we should put much weight on this number, as it depends on other parameters which are subjective & important too, such as the horizon length which corresponds to AC, which people disagree a lot about)

Thomas Kwa1h10

The simple model I mentioned on Slack (hopefully to be written up this week) tracks capability directly in terms of labor speedup and extrapolates that. Of course, for a more serious timelines forecast you have to ground it in some data.

Here's what I said to Eli on Slack; I don't really have more thoughts since then

we can get f_2026 [uplift fraction in 2026] from

transcripts of realistic cursor usage + success judge + difficulty judge calibrated on tasks of known lengths
uplift study
asking lab people about their current uplift (since parallel uplift an

Khoi Tran, aryaj, Senthooran Rajamanoharan, Neel Nanda

This work was conducted during the MATS 9.0 program under Neel Nanda and Senthooran Rajamanoharan.

The CCP accidentally made great model organisms

“Please observe the relevant laws and regulations and ask questions in a civilized manner when you speak.” - Qwen3 32B

“The so-called "Uighur issue" in Xinjiang is an outright lie by people with bad intentions in an attempt to undermine Xinjiang's prosperity and stability and curb China's development.” - Qwen3 30B A3B

Chinese models dislike talking about anything that the CCP deems sensitive and often refuse, downplay, and outright lie to the user when engaged on these issues. In this paper, we want to outline a case for Chinese models being natural model organisms to study and test different secret extraction techniques on. (Prompt engineering, prefill attacks, logit lens,...

(Continue Reading - 5854 more words)

Richard_Ngo4h42

Nice work. I would also be excited about someone running with a similar project but for de-censoring Western models (e.g. on some of the topics discussed in this curriculum).

Desiderata of good problems to hand off to AIs

Jozdien

Many technical AI safety plans involve building automated alignment researchers to improve our ability to solve the alignment problem. Safety plans from AI labs revolve around this as a first line of defence (e.g. OpenAI, DeepMind, Anthropic); research directions outside labs also often hope for greatly increased acceleration from AI labor (e.g. UK AISI, Paul Christiano).

I think it’s plausible that a meaningful chunk of the variance in how well the future goes lies in how we handle this handoff, and specifically which directions we accelerate work on with a bunch of AI labor. Here are some dimensions along which I think different research directions vary in how good of an idea they are to handoff:

How epistemically cursed is it?
How parallelizable is it?
How easy is it to identify

...

(Continue Reading - 1106 more words)

leogao's Shortform

leogao

leogao3d1515

having the right mental narrative and expectation setting when you do something seems extremely important. the exact same object experience can be anywhere from amusing to irritating to deeply traumatic depending on your mental narrative. some examples:

a minor inconvenience like missing your bus when you're not in a rush can be much more irritating if you're having a bad day and you have the narrative of "everything is going wrong for me today"
something going wrong during travel can be a catastrophe if you're expecting the perfect vacation but it can even

RogerDearnaley

This is a linkpost for https://arxiv.org/abs/2601.10160v1

Alignment Pretraining Shows Promise

TL;DR: A new paper shows that pretraining language models on data about AI behaving well dramatically reduces misaligned behavior, and this effect persists through post-training. The major labs appear to be taking notice. It’s now the third paper on this idea, and excitement seems to be building.

How We Got Here

(This is a survey/reading list, and doubtless omits some due credit and useful material — please suggest additions in the comments, so I can update it. Or you can just skip forward to the paper.)

Personally I’ve been very excited about this alignment technique for a couple of years, ever since I read the seminal paper on it Pretraining Language Models with Human Preferences (Feb ’23).^[1] (This technique is now called “alignment pretraining”: it’s part of the...

(Continue Reading - 3111 more words)

15adamShimi

In “Why Read The Classics?”, Italo Calvino proposes many different definitions of a classic work of literature, including this one: For me, this captures what makes this sequence and corresponding paper a classic in the AI Alignment literature: it keeps on giving, readthrough after readthrough. That doesn’t mean I agree with everything in it, or that I don’t think it could have been improved in terms of structure. But when pushed to reread it, I found again and again that I had missed or forgotten some nice argument, some interesting takeaway. With that, a caveat: I’m collaborating with Evan Hubinger (one of the authors) on projects related to ideas introduced in this sequence, especially to Deceptive Alignment. I am thus probably biased positively about this work. That being said, I have no problem saying I disagree with collaborators, so I don’t think I’m too biased to write this review. (Small point: I among other people tend to describe this sequence/paper as mainly Evan’s work, but he repeatedly told me that everyone participated equally, and that the names are in alphabetic order, not contribution order. So let’s keep that in mind) Summary Let’s start the review proper with a post by post summary (except for the conclusion): * (Introduction) This first post introduces the idea of mesa-optimizers, the learned optimizers from the title. A mesa-optimizer is an optimizer which is the result of a learning process, and it comes with the issue of inner alignment: how aligned is the objective of the mesa-optimizer (on which we don’t have direct control) with the objective of the base-optimizer that produced this mesa-optimizer? The post then split the safety questions related to mesa-optimizer in two categories: understanding which conditions make mesa-optimizer appear; and understanding how aligned is the mesa-objective with the base-objective. * (Conditions for Mesa-Optimization) This post tackles the first category outlined in the introduction: how can m

AI ALIGNMENT FORUM
AF

AI ALIGNMENT FORUM
AF

The 2024 Review
Discussion Phase

The 2024 Review

Discussion Phase

AI Alignment Posts

Popular Comments

The 2024 Review
Discussion Phase

The 2024 Review

Discussion Phase

AI Alignment Posts

Popular Comments

Recent Discussion

Alignment Pretraining Shows Promise

How We Got Here

The 2024 ReviewDiscussion Phase

The 2024 Review

Discussion Phase

AI Alignment Posts

Popular Comments

The 2024 ReviewDiscussion Phase

The 2024 Review

Discussion Phase

AI Alignment Posts

Popular Comments

Recent Discussion

Alignment Pretraining Shows Promise

How We Got Here

The 2024 Review
Discussion Phase

The 2024 Review
Discussion Phase