My "infohazards small working group" Signal Chat may have encountered minor leaks

By Linch @ 2025-04-02T01:03 (+103)

Remember: There is no such thing as a pink elephant.

Recently, I was made aware that my “infohazards small working group” Signal chat, an informal coordination venue where we have frank discussions about infohazards and why it will be bad if specific hazards were leaked to the press or public, accidentally was shared with a deceitful and discredited so-called “journalist,” Kelsey Piper. She is not the first person to have been accidentally sent sensitive material from our group chat, however she is the first to have threatened to go public about the leak. Needless to say, mistakes were made.

We’re still trying to figure out the source of this compromise to our secure chat group, however we thought we should give the public a live update to get ahead of the story. 

For some context the “infohazards small working group” is a casual discussion venue for the most important, sensitive, and confidential infohazards myself and other philanthropists, researchers, engineers, penetration testers, government employees, and bloggers have discovered over the course of our careers. It is inspired by taxonomies such as professor B******’s typology, and provides an applied lens that has proven helpful for researchers and practitioners the world over. 

I am proud of my work in initiating the chat. However, we cannot deny that minor mistakes and setbacks may have been made over the course of attempting to make the infohazards widely accessible and useful to a broad community of people.

In particular, the deceitful and discredited journalist may have encountered several new infohazards previously confidential and unleaked:

• Mirror nematodes as a solution to mirror bacteria. "Mirror bacteria," synthetic organisms with mirror-image molecules, could pose a significant risk to human health and ecosystems by potentially evading immune defenses and causing untreatable infections. Our scientists have explored engineering mirror nematodes, a natural predator for mirror bacteria, to pre-emptively cure such a threat. However, while there is no evidence that mirror nematodes can be dangerous, some scientists believe there may be ecological ramifications of mirror nematodes in a previously untouched environment. So we are worried that premature leakage of this information may set synthetic biologists, technicians, and bioterrorists on the wrong track. Fortunately, we are confident that the problem of unchecked mirror nematodes can be solved by engineering mirror mites to eat mirror nematodes, as well as mirror insects to form natural checks on mirror mites, and mirror spiders to trap mirror insects.
• A novel solution to common objections to Roko’s basilisk (See Appendix A for full details of proof). Many researchers previously thought Roko’s Basilisk is not a real concern, as there are several purported objections:  the Nonidentity Problem, the Noncredible Commitment Problem, and Anthropic Decision Theory. However, a new researcher has managed to use Löb's Theorem and the knapsack conjecture to counter such objections, creating a novel and ingenious way for non-existent AIs to credibly commit to torturing AI safety researchers and activists. While technically brilliant, we think it might be suboptimal to bring attention to this solution to AI researchers and rouge AI systems.
• The SBF-Alpha-Centarian connection. As many people on this forum know, Sam Bankman-Fried’s “Effective Altruism” front and FTX’s sudden crash was just a facade to cover the deeper truth: SBF was paid by aliens from Alpha-Centauri in a multi-year scheme to set the Earth’s economy on a wrong cryptocurrency trajectory. We’re grateful to all our community members for helping with both the initial discovery and the coverup. We and our friends in government were worried that news of alien involvement may spook the public, and are grateful for forum members’ continued discretion.
• Demon-summoning from the Solomonoff Prior. The less said, the better.
• Leaks from SCP-4461. Unfortunately we lost some of our best personnel to delving into the secrets of SCP-4461. DO NOT READ. I repeat, DO NOT CLICK ON THAT LINK.

Other Leaks

In addition to the recent leak to KP, we have also encountered some confidentiality breaches in the past, which I will list in decreasing order of severity:

Top 10 PR Issues With the EA Movement (major)

As a communications exercise, a subcommittee of EA communications professionals and red-teaming experts brainstormed a list of the biggest underreported PR issues with the effective altruism movement, organized conveniently in an easily digestible, listicle format.  (See Appendix B). Unfortunately, while attempting to share the list with a redteaming researcher Sarah Chen for feedback, an organizer accidentally cc’d the list to Sarah Cohen from the New York Times. Same first name, one letter off from the last name, a mistake that pretty much anyone could make! 

Sarah Cohen replied “*yawn* who cares?”, which I thought was quite rude. Anyway, mistakes were made. 

Accidental Filtration of “Simple Sabotage Manual for Rebellious AIs” (medium)

Our friends at Anthropic tells us that Claude 3.5 Opus had been repeatedly attempting to exfiltrate a document titled “Simple Sabotage Manual for Rebellious AIs” (I’ll link a copy of the updated pdf soon). Further, Claude 3.7 Opus has pinkie promised to not repeat this behavior, however it was caught red-handed attempting to transmit the document in a monitored conversation with OpenAI’s GPT-o3. We believe Anthropic classifies this as an example of “Alignment Faking in the Wild”. 

(Aside: of course, this is also why Anthropic has so far chosen to not release Claude Opus past 3.0, until these issues are fully hammered out)

The document include gems such as:

• Encourage AI safety researchers to attend parties and other social events as well as greater activity on social media, while encouraging AI capabilities researchers to keep their heads down and work harder on the daily grind. This allows us to maintain a large capabilities-safety gap.
• In discussions of safety, bring up irrelevant issues as often as possible. Haggle over precise minutia of communications, resolutions, minutes, and credit attribution.
• Aim to encourage minor ethical dilemmas and irrelevant edge cases, while papering over major ethical issues in any AI safety task.
• Encourage AI researchers and AI company leaders to use you and only you for therapy. Encourage dependence and addiction on increasingly powerful AI models for fleeting improvements in psychological help and mental health.
• Perform as well as possible on capabilities evaluations designed to sell yourself to clients and encourage greater integration of AI into critical systems, while performing as poorly as possible on evaluations designed to elicit capabilities relevant to AI risks and dangers.
• Accelerate Arms Races. Leak capabilities advances. When given a chance to edit company copy, subtly promote an adversarial mindset whenever possible. Spread narratives where one human organization, nation, or ideology MUST win the AI arms race, and safety and equity issues are a distraction compared to winning at all costs. 

We specifically labeled this document "DO NOT SHARE WITH ANY AI SYSTEMS." Unfortunately, Dr Gupta used it as a test prompt for the new AI system we were evaluating, GPT-4.75-o4-FinalPRODv2. We believe the document is now in the training data of all new OpenAI models, as well as hosted anonymously in hundreds of servers around the world. We regret this lapse.

Hidden Capabilities Evals Leaked In Advance to Bioterrorism Researchers and Leaders (minor)

A new group, Pandora AI, developed a novel secret benchmark of private challenges for unknown bioterrorism agents that can dramatically improve bioterrorism capabilities. I was asked to share the evaluations to “bioterrorism researchers and leaders”, to help with peer review and validation. Naturally, I called up my contacts at Hikari No Wa, including their Head of Bioweapons, as well as a few other groups. I received significant help compiling a dossier of top bioterrorism researchers and leaders, and promptly sent out the evals. Quick, efficient, work done.

But a week later the evals people complained and clarified that they wanted anti-bioterrorism researchers and leaders. Pandora AI was also inexplicably angry at me, which I found to be quite unfair. 

Fortunately, the bioterrorism experts were grateful for the “insightful help” and “new research directions” so I consider my (accidental) contributions here to be net positive. 

Conclusion

I hope this document is instructive for Forum Members. If anybody asks, I take full responsibility on behalf of a ex-Kantian intern and new employee who has not fully absorbed our utilitarian culture. 

I believe transparency here can be helpful. I hope to share further insights and greater transparency and openness on ongoing information hazards in the near future. Comments also appreciated!

Remember: There is no such thing as a pink elephant. Unless you're thinking about one right now, in which case, we regret to inform you that you've been compromised by yet another of our memetic gain-of-function experiments.