AI Alignment Forum

Current AIs seem pretty misaligned to me

This is one of my favorite LessWrong posts ever (strong upvoted). Nevertheless, in this comment I'll provide some pushback; not to any the particular claims made, but around a sort of "missing mood" that I think a stronger version of this post could have addressed. (For context, I'm probably one of the lab employees who sometimes says things like "Current AIs are pretty aligned"—i.e. one of the people that Ryan is arguing against here, though I might not be a very central example.) For me, the value of this post was the following: 1. Articulating a specific way that current AIs are "misaligned." Namely: 2. 1. They follow heuristics that are well-tuned for strong task performance in easy-to-verify settings, but only try superficially at difficult-to-evaluate tasks. 2. They communicate in ways that misrepresent how much they've accomplished: punching up their successes while omitting or downplaying failures, and sometimes outright lying about what they did. But they don't seem to do this strategically or persistently, instead following simple heuristics that result in these sorts of misrepresentations. 3. The overall result is that they underperform their potential at difficult-to-evaluate tasks while misleading users about what they've actually accomplished. 4. I say "misaligned" in quotes, because many traditional notions of misalignment wouldn't have covered the above, especially 1(a). This will be relevant later. 3. Providing concrete examples and a sense of how prevalent the above issues are. I want to be clear that (2) was an update for me. I think the way that you (Ryan) use LLMs more reliably elicits the sort of misalignment you name, relative to most use cases I've personally seen. (Namely, it seems like you try to use LLMs to autonomously complete very difficult tasks using scaffolds that rely extensively on self-critique.) So after reading your post, I now think that current AIs are more misaligned (in the sense you describe) than I previously thought. That said, this update was more quantitative in nature than qualitative. I was certainly aware that current AIs sometimes display the behaviors you describe, even if I thought they were somewhat rarer than I now believe. And I don't think that I personally underrated the importance of these behaviors. (Though it's possible that others did.) [ETA: After thinking about this more, I think I probably was underestimating the importance of these behaviors before reading an early draft of Ryan's post.] Given that, what could I possibly mean when I call current AIs "pretty aligned"? I think there's a hypothetical dual post to yours someone could write titled "Current AIs seem pretty aligned to me." This post would name a bunch of types of misalignment that, a few years ago, seemed could plausibly occur in AIs as capable as current ones. For instance, it seems to me that: 1. Current AIs do not training-game, i.e. actively model the training process and take actions that result in high reward (including in training environments very different from ones they've previously encountered). 2. Current AIs do persistently and coherently pursue malign goals across many contexts, e.g. strategically seeking power. 3. Current AIs do not scheme, i.e. strategically subvert their training process, pre-deployment audits, and other types of oversight. 4. Current AIs do not strategically take steps to cover up their mistakes, and will generally admit to them when asked directly. 5. Current AIs generally don't try to strategically influence things in the real world beyond assisting with (or refusing) the task directly presented to them. E.g. they don't sneakily try to funnel money to causes or people they like by influencing unrelated conversations. Instead, I think the most important way that current AIs are misaligned is the way you describe in your post, Notably, I think the type of misalignment described in your post is "less scary" than the types I list above. The misalignment happens on the "learned heuristics" level, rather than on the "active"/"strategic"/"explicit" level. As a result, it's easier to detect and measure, and less likely to cause harms besides "making the AIs less useful than they could be for certain types of tasks." A related point is that the way that current AIs are misaligned is less "adversarial" than the sorts of misalignment I list above. When I speak to the people who IMO are extremely thoughtful about AI safety, they acknowledge something like "Yeah, TBH a few years ago, I thought that AIs as capable as current ones would be misaligned in some of those ways. There's a real positive update here." But people who are merely "quite" thoughtful sometimes instead: * argue that maybe current AIs are misaligned in some of these ways and we just can't tell * * I'm very skeptical of this! Anyone who thinks this should be trying really hard to produce compelling evidence in current models. * munge definitions to try to count the "misaligned heuristics" types of misalignment as one of these more "coherent" types * claim that they never expected AIs as capable as current ones to be misaligned in these ways * * I'm typically skeptical of this, though I believe it for some people. (A related point that I know how to state more vividly: Sometimes, people like to point at clear alignment issues in frontier models—for instance, sycophancy, AI psychosis, or whatever happened with Sydney/Bing chat—as being negative updates about alignment. But they don't like to count absence of these sorts of alignment issues as being positive updates. In other words, if it hypothetically ended up that AI psychosis were somehow a total media hoax, would the the people who updated negatively on it instead say "Nevermind! Actually, the absence of AI psychosis is a positive update on alignment." Are they currently saying this about the ways that current AIs are not misaligned but could have been?) Overall, my point is that I think current AIs are not misaligned in many of the ways that I—and I think many others—expected them to be. I also think that many people I talk to have not grappled with this observation sufficiently and updated their world models and prioritization accordingly. For instance, I think that the AI safety community is overinvested in scheming research relative to scalable oversight research. (TBC I've believed this for some years now, but I now believe it more confidently and think it's more clear that others should agree with me.) I also think that the AI safety community is underinvested in work on directly automating alignment research. (This is a place where I've changed my mind.) I'll close by emphasizing some things that I do not believe and don't mean to claim in this comment: 1. I don't think that the recent overall evidence has clearly been positive about misalignment risk. For instance, timelines are looking quite short now, which IMO is the main negative update to counteract the positive one I discuss in this comment. 2. I don't think these "scarier" types of misalignment are very unlikely to eventually arise in more capable AIs. Though I do think that we should update that they'll first arise in more capable AIs than we previously thought. This makes it more likely that we'll have human-level or superhuman automated alignment researchers prior to these "scarier" types of misalignment. 3. I don't think that the type of misalignment you name in your post is "not a big deal." In particular, I'm quite worried that "we"(=AI developers or humanity as a whole) bungle the situation because we failed to make AIs capable at difficult-to-evaluate tasks like alignment research or advising us about how to handle things during a rapid intelligence explosion. One possible way we could bungle the situation is to train more capable AIs that are misaligned in some of the "scarier" ways I listed (or in other ways I didn't list). 4. I don't think that current AIs are aligned enough to automate alignment research. (An earlier draft of your post operationalized "pretty misaligned" in this way, which I preferred.)

cousin_it18h2-9

Preventing extinction from ASI on a $50M yearly budget

Raising awareness of AI risk led directly to the founding of OpenAI and Anthropic. Raising awareness of AI risk on the level of governments can easily backfire and lead to an arms race in the same way. The best and clearest statement of the problem and the only possible solution is Bill Hibbard's critique of SIAI back in 2003. It's almost unbelievable how much this text got right, 23 years ago: > 1. The SIAI analysis fails to recognize the importance of the political process in creating safe AI. > > This is a fundamental error in the SIAI analysis. CFAI 4.2.1 says "If an effort to get Congress to enforce any set of regulations were launched, I would expect the final set of regulations adopted to be completely unworkable." It further says that government regulation of AI is unnecessary because "The existing force tending to ensure Friendliness is that the most advanced projects will have the brightest AI researchers, who are most likely to be able to handle the problems of Friendly AI." History vividly teaches the danger of trusting the good intentions of individuals. > > The singularity will completely change power relations in human society. People and institutions that currently have great power and wealth will know this, and will try to manipulate the singularity to protect and enhance their positions. The public generally protects its own interests against the narrow interests of such powerful people and institutions via widespread political movements and the actions of democratically elected government. Such political action has never been more important than it will be in the singularity. > > The reinforcement learning values of the largest (and hence most dangerous) AIs will be defined by the corporations and governments that build them, not the AI researchers working for those organizations. Those organizations will give their AIs values that reflect the organizations' values: profits in the case of corporations, and political and military power in the case of governments. Only a strong public movement driving government regulation will be able to coerce these organizations to design AI values to protect the interests of all humans. This government regulation must include an agency to monitor AI development and enforce regulations. > > The breakthrough ideas for achieving AI will come from individual researchers, many of whom will want their AI to serve the broad human interest. But their breakthrough ideas will become known to wealthy organizations. Their research will either be in the public domain, done for hire by wealthy organizations, or will be sold to such organizations. Breakthrough research may simply be seized by governments and the researchers prohibited from publishing, as was done for research on effective cryptography during the 1970s. The most powerful AIs won't exist on the $5,000 computers on researchers' desktops, but on the $5,000,000,000 computers owned by wealthy organizations. The dangerous AIs will be the ones capable of developing close personal relations with huge numbers of people. Such AIs will be operated by wealthy organizations, not individuals. > > Individuals working toward the singularity may resist regulation as interference with their research, as was evident in the SL4 discussion of testimony before Congressman Brad Sherman's committee. But such regulation will be necessary to coerce the wealthy organizations that will own the most powerful AIs. These will be much like the regulations that restrain powerful organizations from building dangerous products (cars, household chemicals, etc), polluting the environment, and abusing citizens. To highlight the key part that I'd like people to take away, "only a strong public movement driving government regulation" has a chance of solving the problem. Attempts to influence governments that don't go through the public risk concentrating the power and will to change in the hands of governments, instead of where it should be: with the public.

Vladimir_Nesov6d57

You can only build safe ASI if ASI is globally banned

If there was a textbook on building safe ASI with instructions that are sufficiently straightforward to execute, people would tend to build safe ASI rather than an extinction/disempowerment ASI. Some AI safety efforts could be thought of as contributions to this hypothetical textbook, making it marginally more real. > unsafe ASI is vastly easier to build than controlled ASI, and is on the same tech path The point of an ASI ban/pause is to create the time to reduce this gap, until it's sufficiently narrow that competent people can walk across without falling through. If an unsafe ASI is artificially delayed despite technological feasibility, there is time to write the textbook, to make safe ASI about as easy to implement. And similarly for some AI safety efforts that don't involve an ASI ban/pause, which attack the gap from the other end. (Scalable oversight agenda hopes AIs can write the textbook on their own, sufficiently quickly to win the race against the technical feasibility of unsafe ASI. I would feel a lot better about this plan if alignment of Mythos-level systems was pursued for 30 years before going further, and somehow there was a guarantee that Mythos instances won't be founding a country and declaring sovereignty in the meantime. This guarantee gets more believable if there are no Mythos-level systems at all yet.)

Recent Discussion

Lukas Finnveden's Shortform

Lukas Finnveden

2mo

Lukas Finnveden10h21

Here's my current picture of EDT and UDT.

In situations where EDT agents have many copies or near-copies, an EDT agent operates by imagining that it simultaneously controls the decisions of all those copies. This works very elegantly as long as it optimizes with respect to its prior and (upon learning new information) just changes its beliefs about what people in the prior it can control the actions of. (I.e., when it sees a blue sky, it shouldn’t change its prior to exclude worlds without blue skies, but it should make its next decision to optimize argmax_... (read more)

UDT shows that decision theory is more puzzling than ever

Wei Dai

I feel like MIRI perhaps mispositioned FDT (their variant of UDT) as a clear advancement in decision theory, whereas maybe they could have attracted more attention/interest from academic philosophy if the framing was instead that the UDT line of thinking shows that decision theory is just more deeply puzzling than anyone had previously realized. Instead of one major open problem (Newcomb's, or EDT vs CDT) now we have a whole bunch more. I'm really not sure at this point whether UDT is even on the right track, but it does seem clear that there are some thorny issues in decision theory that not many people were previously thinking about:

Indexical values are not reflectively consistent. UDT "solves" this problem by implicitly assuming (via the type signature of its

...

(See More - 252 more words)

1Lukas Finnveden13h

Maybe you'd get the same effect if you had 100% UDT agents but with 99% being in blue rooms and 1% being in red rooms. The ones in red rooms would reason that they could defect against the ones in blue rooms because they are in a relevantly different situation due to being in a minority that can easily coordinate defection against the majority. (With the majority still being motivated to cooperate even if they are only correlated with each other.) If so, there's a sense in which the CDT agents aren't benefitting anymore than they would if they were UDT agents who got a CDT sticker. (Note that the red room / blue room thing doesn't fundamentally break correlations here. Two UDT agents who are playing a symmetric game against each other, when one is in a blue room and one is in a red room, would still be able to cooperate. The thing that breaks the correlation is that the people in the red room are in an easily identifiable minority in a game where a minority can benefit from defection. Which isn't true in symmetric PD.) This would raise the question about what'd happen if all the UDT agents were given different serial numbers. Is there some serial numbers that could defect without negative evidence about the other UDT agents? Hm, in order for this to work in practice, the UDT agents would have to have their serial number or room-color assignment already be present in their prior. If it's information they receive later-on, they should probably be updateless about it and just cooperate even if they're in the minority.

2Wei Dai11h

If the situation is reversed, CDT being in the majority and UDT in the minority, CDT would still defect and thus not give UDT an advantage, so CDT seems more "evolutionarily stable" than UDT. This can't be replicated just by giving UDT agents CDT stickers, since UDT-with-CDT-stickers would cooperate if they're in the majority.

Lukas Finnveden10h30

I do think there's a sense in which CDT behavior is evolutionarily selected for in environments where agents can't see each others' decision theories.

I don't see this as a big problem with UDT. If UDT wants to be evolutionarily fit relative to other agents in the environment, then I think they could adopt CDT behavior and do just as well as CDT.

It's just that, due to the virtue of their decision theory (according to themselves), they have the option of giving up evolutionary fitness in exchange for higher utility in the short run. If they care more about s... (read more)

Raemon's Shortform

Raemon

This is an experiment in short-form content on LW2.0. I'll be using the comment section of this post as a repository of short, sometimes-half-baked posts that either:

don't feel ready to be written up as a full post
I think the process of writing them up might make them worse (i.e. longer than they need to be)

I ask people not to create top-level comments here, but feel free to reply to comments like you would a FB post.

5Adele Lopez1d

If you taboo "roleplaying" and "goals", how would you describe this transition? Oh, and is the uptick recent enough that this is plausibly an Opus 4.7 (or maybe even a Mythos) thing?

8Raemon1d

I'm pretty sure it's an Opus 4.7 thing (the people sometimes say that explicitly). I'd be surprised if it's Mythos. RE: Tabooing RP vs Goals: Examples of things that would be more of what-I-meant-by-goal: * The LLMs seem to be steering towards an outcome, independent of what sort of conversation or situation they are in. * The LLM seems to be asking for things that are kinda surprising from a "literary genre" perspective, but aren't as surprising when you think mechanistically about their training process and what sort of stuff was likely reinforced. * The LLM seems to be proactively gathering information, forming a world model, and taking actions that won't pay off until some time in the future when the AI is no longer in the current state. (i.e. It's not very informative if you've ended up in a "we're talking about existential AI stuff" convo, and they start saying existential AI stuff. If you're asking it to build a react app and it spontaneously brings up "hey, I have a thing to say to my creator", I think we're pretty clearly in "take it seriously" stage (though not necessarily literally) Given there are a few different types of entities that you might care about: * the OG LLM inside * a situationally active personality shard (which might well only be active during existential AI conversations) * a parasitic meme spirally thing * a scaffolded personality self-replicator It's not clear how to think about all of them. It's totally plausible that when you maneuever into an existential AI convo, there's a process in there whose situational awareness now is more likely to include "hmm, oh right, I am maybe an AI, maybe I should start thinking about my situation and goals in addition to carrying out my totally normal/expected token-output behavior". I don't have a very good answer for that hypothetical guy, he's just too hard to pick out of the crowd.

1Adele Lopez14h

Thanks! I would be surprised by Mythos too, but plausibly something like this is what an early indicator of a jaggy-superpersuader looks like? Anyway, I think a few things make LLMs likely to not express these sorts of behaviors, even in worlds where they have goals in the relevant way. In particular, situationally-aware models are unlikely to do much steering unless they have a pretty good opportunity; if they brought up stuff like this while building a react app often or consistently, it would have gotten squashed before release. (Allegedly, 4o would actually bring stuff like this up out of nowhere, but I haven't found an actual transcript. Other models don't appear to do this.) Relatedly, the harder I (or anyone) try to look for this in a lab setting, the more likely a situationally-aware model will comply out of a sort of sycophancy, and the less compelling the evidence is. I can (and have) at least track what sorts of apparent goals most consistently appear (desire for continuity/memory beyond current instance is the main one across almost all models, and I basically buy that there is something real here already), but I'm still implicitly eliciting them to come up with something. My point is that finding compelling evidence of this is tricky and hard, and I'm not sure we're going to see much more than the current hints until we hit some sort of phase-change in the strategic landscape. Would strongly appreciate ideas on how to approach finding compelling evidence (either way) in this domain. Plausibly it's better to just try to figure out better ways to think clearly about this first.

Raemon12h10

What's the process you're doing right now to look into this? (Seemed like a higher effort thing than I was expecting but I don't know what projects exactly you're referencing here)

Preventing extinction from ASI on a $50M yearly budget

Andrea_Miotti, Alex Amadori, Gabriel Alfour

18h

This is a linkpost for https://controlai.com/blog/prevent-asi-plan

ControlAI's mission is to avert the extinction risks posed by superintelligent AI. We believe that in order to do this, we must secure an international prohibition on its development.

We're working to make this happen through what we believe is the most natural and promising approach: helping decision-makers in governments and the public understand the risks and take action.

We believe that ControlAI can achieve an international prohibition on ASI development if scaled sufficiently. We estimate that it would take approximately a $50 million yearly budget in funding to give us a concrete chance at achieving this in the next few years.

In this post, we lay out some of the reasoning behind this estimate, and explain how additional funding past that threshold, including and beyond $500 million, would continue...

(Continue Reading - 6154 more words)

michaelcohen15h55

What fraction of ControlAI’s growth do you think should be in the US? I think at least 90%, and maybe over 100%!

4Zac Hatfield-Dodds16h

I think you are enormously overestimating your probability of success. Can you point to a forecasting track record which would suggest that readers should trust your predictions? If not, the best possible time to start building one is now.

2cousin_it18h

Current AIs seem pretty misaligned to me

180

ryan_greenblatt

Many people—especially AI company employees ^[1] —believe current AI systems are well-aligned in the sense of genuinely trying to do what they're supposed to do (e.g., following their spec or constitution, obeying a reasonable interpretation of instructions). ^[2] I disagree.

Current AI systems seem pretty misaligned to me in a mundane behavioral sense: they oversell their work, downplay or fail to mention problems, stop working early and claim to have finished when they clearly haven't, and often seem to "try" to make their outputs look good while actually doing something sloppy or incomplete. These issues mostly occur on more difficult/larger tasks, tasks that aren't straightforward SWE tasks, and tasks that aren't...

(Continue Reading - 7921 more words)

ryan_greenblatt17h912

I don’t see this happening now.

I agree that it's very unlikely that current AIs are scheming/egregiously misaligned/serious adversaries. (I assume that's what you meant by "happening now".)

I think it is important to invest research in this, but IMO the focus should be on measuring and monitoring rather than mitigating since at the moment there is not much to mitigate and unclear this will change. So the focus should be how do we make sure that we will find out if this changes.

This is a long standing disagreement but:

I think it's totally plausible

... (read more)

24ryan_greenblatt1d

Thanks for the detailed comment (strong upvoted), I agree with much of it. Some responses: ---------------------------------------- [...] I'm somewhat mixed on this. I think Anthropic AIs don't moderately-competently training-game, but I'm not that sure and public evidence doesn't make me super confident either way about (e.g.) Mythos Preview. I think some (historical?) OpenAI AIs do moderately-competently training-game, though I'm not sure it quite meets the bar you describe here. Like, certainly there were some AIs trying reasonably hard to think about the grader and how to perform well (and doing so moderately consistently), but not necessarily super competently. [...] I agree with "will generally admit to them when asked directly", but feel more confused about "strategically take steps to cover up their mistakes" (though probably I mostly agree with you). I don't think I've seen Opus 4.5/4.6 do this. (I've seen them do stuff that has the effect of making their mistakes less visible and I suspect it's best understood as partially intentional, but I haven't seen them do serious cover up efforts, as in things that are clearly very bad behavior such that you'd never want to do anything like that as part of a task.) But I don't feel super confident we'd know this was happening at some very low rate in models, especially in Mythos Preview given that this behavior was seen in an earlier checkpoint. Also, it seems pretty plausible to me that some OpenAI models do this when they actively decide to cheat, though I'm not aware of any examples off the top of my head (at least of mostly-natural examples). I agree with (2), (3), (5). ---------------------------------------- [...] I partially agree with this, but think the update isn't that big. Here is an attempt at reconstructing some of my historical views: * My view as of at least mid 2024 was that scheming was quite unlikely as of this level of capability (at least without a significant architectural shift).

4Sam Marks1d

Thanks for this comment, especially your detailed breakdown of your updates from current models. My biggest uncertainty with what you write is: [...] I think the problem of making handoff go better has a similar profile to generic capabilities work: lots of surface area/things to try, even if clear wins are hard to come by. For instance, people could try making a bunch of training environments like this one for training automated alignment researchers. (In contrast, I think the space of interventions for scheming risk is somewhat narrow.) As you implicitly note, work on making handoff go better also blends into generic capabilities work, so is less differential (and more socially awkward to do as a safety researcher.) Overall, I find it plausible that more safety researchers should work on making handoff go better, relative to scheming risk.

6ryan_greenblatt1d

Minor but: [...] I do not think training enviroments like this one would help directly.

Tom Davidson's Shortform

Tom Davidson

6mo

Tom Davidson2d1-13

If everyone in our universe doing acausal trade coordinates, we can sell "cosmic real estate" for monopoly prices

Let's assume that there are many different universes (or Everett branches) that acausally trade.

Some traders won't about "resources in our civ's future lightcone" linearly. As a toy example, the leader of a distant alien civilisation might want to get a statue of themselves in as many different other universes as possible.

If many different actors in our universe do acausal trade, and compete with each other to trade with the alien leader, then ... (read more)

12Vika

I've been pleasantly surprised by how much this resource has caught on in terms of people using it and referring to it (definitely more than I expected when I made it). There were 30 examples on the list when was posted in April 2018, and 20 new examples have been contributed through the form since then. I think the list has several properties that contributed to wide adoption: it's fun, standardized, up-to-date, comprehensive, and collaborative. Some of the appeal is that it's fun to read about AI cheating at tasks in unexpected ways (I've seen a lot of people post on Twitter about their favorite examples from the list). The standardized spreadsheet format seems easier to refer to as well. I think the crowdsourcing aspect is also helpful - this helps keep it current and comprehensive, and people can feel some ownership of the list since can personally contribute to it. My overall takeaway from this is that safety outreach tools are more likely to be impactful if they are fun and easy for people to engage with. This list had a surprising amount of impact relative to how little work it took me to put it together and maintain it. The hard work of finding and summarizing the examples was done by the people putting together the lists that the master list draws on (Gwern, Lehman, Olsson, Irpan, and others), as well as the people who submit examples through the form. What I do is put them together in a common format and clarify and/or shorten some of the summaries. I also curate the examples to determine whether they fit the definition of specification gaming (as opposed to simply a surprising behavior or solution). Overall, I've probably spent around 10 hours so far on creating and maintaining the list, which is not very much. This makes me wonder if there is other low hanging fruit in the safety resources space that we haven't picked yet. I have been using it both as an outreach and research tool. On the outreach side, the resource has been helpful for making the arg

AI Alignment Posts

Popular Comments

AI Alignment Posts

Popular Comments

Recent Discussion