Most active commenters
  • TeMPOraL(3)

←back to thread

Uncensor any LLM with abliteration

(huggingface.co)
586 points mizzao | 14 comments | 13 Jun 24 03:42 UTC | HN request time: 1.642s | source | bottom
Show context
k__ ◴[13 Jun 24 07:21 UTC] No.40666893[source]
I played around with Amazon Q and while setting it up, I needed to create an IAM identity center.

Never did this before, so I was asking Q in the AWS docs how to do it.

It refused to help, as it didn't answer security related questions.

thank.

replies(7): >>40666950 #>>40667091 #>>40667339 #>>40669069 #>>40669289 #>>40669327 #>>40671251 #
1. menacingly ◴[13 Jun 24 07:54 UTC] No.40667091[source]
it’s similar asking the gemini-1.5 models about coding questions that involve auth

one of my questions about a login form also tripped a harassment flag

replies(1): >>40667279 #
2. michaelt ◴[13 Jun 24 08:34 UTC] No.40667279[source]
I suspect the refusal to answer questions about auth aren't a matter of hacking or offensive material.

I suspect instead the people training these models have identified areas of questioning where their model is 99% right, but because the 1% wrong is incredibly costly they dodge the entire question.

Would you want your LLM to give out any legal advice, or medical advice, or can-I-eat-this-mushroom advice, if you knew due to imperfections in your training process, it sometimes recommended people put glue in their pizza sauce?

replies(1): >>40667649 #
3. TeMPOraL ◴[13 Jun 24 09:42 UTC] No.40667649[source]
"If you can't take a little bloody nose, maybe you ought to go back home and crawl under your bed. It's not safe out here. It's wondrous, with treasures to satiate desires both subtle and gross... but it's not for the timid."

So sure, the LLM occasionally pranks someone, in a way similar to how random Internet posts do; it is confidently wrong, in a way similar to how most text on the Internet is confidently wrong because content marketers don't give a damn about correctness, that's not what the text is there for. As much as this state of things pains me, general population has mostly adapted.

Meanwhile, people who would appreciate a model that's 99% right on things where the 1% is costly, rightfully continue to ignore Gemini and other models by companies too afraid to play in the field for real.

replies(2): >>40667683 #>>40667933 #
4. rockskon ◴[13 Jun 24 09:49 UTC] No.40667683{3}[source]
AI is not like some random person posting on the Internet.

A random person on the Internet often has surrounding context to help discern trustworthiness. A researcher can also query multiple sources to determine how much there is concensus about.

You can't do that with LLMs.

I cannot stress strongly enough that direct comparisons between LLMs and experts on the Internet are inappropriate.

replies(2): >>40667739 #>>40667813 #
5. TeMPOraL ◴[13 Jun 24 09:58 UTC] No.40667739{4}[source]
> I cannot stress strongly enough that direct comparisons between LLMs and experts on the Internet are inappropriate.

In this context, I very much agree. But I'd like to stress that "experts on the Internet" is not what 99% of the users read 99% of the time, because that's not what search engines surface by default. When you make e.g. food or law or health-related queries, what you get back isn't written by experts - it's written by content marketers. Never confuse the two.

> A researcher can also query multiple sources to determine how much there is concensus about.

> You can't do that with LLMs.

A person like that will know LLMs hallucinate, and query multiple sources and/or their own knowledge, and/or even re-query the LLM several times. Such people are not in danger - but very much annoyed when perfectly reasonable queries get rejected on the grounds of "safety".

6. Y_Y ◴[13 Jun 24 10:12 UTC] No.40667813{4}[source]
Why can't you estimate the trustworthiness of an LLM? I happen to think that you can, and that the above analogy was fine. You don't need to read someone's forum history to know you shouldn't to trust them on something high-stakes. Maybe instead of strongly stressing you should present a convincing argument.
replies(1): >>40673476 #
7. pjc50 ◴[13 Jun 24 10:32 UTC] No.40667933{3}[source]
The only underlying question here is "who is liable for the output of the LLM?"

I just don't think the "nobody is" current solution is going to last in the current litigious environment.

replies(2): >>40668091 #>>40670649 #
8. TeMPOraL ◴[13 Jun 24 11:02 UTC] No.40668091{4}[source]
Good point. Since LLM isn't a person, this leaves only the vendor and the user as liable parties. That's one less legal person than in regular search, where you have the user, the search engine vendor, and the author/publisher of the content involved in a harm scenario.

What is the consensus on liability in case of regular web search? Your comment made me realize that I never thought much about it in 20+ years of using the Internet; I kind of always assumed it's all on the user.

replies(1): >>40668370 #
9. pjc50 ◴[13 Jun 24 11:39 UTC] No.40668370{5}[source]
> What is the consensus on liability in case of regular web search? Your comment made me realize that I never thought much about it in 20+ years of using the Internet

Have you never noticed those "google has removed some results to comply with the DMCA" notices?

replies(2): >>40668715 #>>40670689 #
10. voxic11 ◴[13 Jun 24 12:16 UTC] No.40668715{6}[source]
But the reason we "needed" the DMCA is because they wouldn't have been liable under existing law, and the DMCA only covers copyright violations.
11. raxxorraxor ◴[13 Jun 24 15:09 UTC] No.40670649{4}[source]
The person who prompts would be responsible. Everything else doesn't really make sense. This is usually the trivial solution for any form of tool we use.
replies(1): >>40671186 #
12. realusername ◴[13 Jun 24 15:12 UTC] No.40670689{6}[source]
The DMCA is the copyright industry's response to "nobody is liable for results" which was the statu quo before.
13. wumbo ◴[13 Jun 24 15:54 UTC] No.40671186{5}[source]
If there’s going to be a lawsuit, go after Colt before Anthropic.
14. rockskon ◴[13 Jun 24 19:19 UTC] No.40673476{5}[source]
Because if I already knew the answer then I wouldn't be asking the LLM?