Public Weights?

By Jeff Kaufman @ 2023-11-02T02:51 (+20)

This is a crosspost, probably from LessWrong. Try viewing it there.

null
JP Addison @ 2023-11-03T21:52 (+6)

I also like the way you divide up the claims. I think this paper is a really neat demonstration of point 1, and I'm kinda disappointed with the discourse for getting distracted arguing about point 2.

Jeff Kaufman @ 2023-11-03T22:19 (+2)

That's fair, though since a lot of people already knew about #1 and are very interested in whether #2 is true (or might soon become true) it's not that surprising that this is where the interest is

titotal @ 2023-11-02T09:35 (+4)
  1. Making LLMs public is dangerous because by publishing the weights you allow others to easily remove safeguards.
  2. Once you remove the safeguards, current LLMs are already helpful in getting at the key information necessary to cause a pandemic.

 

I like this way of splitting it up. I think the paper made a good case for point 1, but I think point 2 is greatly overstated. With current tech you would still need an expert to sift through hallucinations and to guide the LLM, and the same expert could do the same thing without the LLM. On this issue current LLM's are timesavers, not gamechangers. 

For this reason I doubt you can convince people to hide their weight now, but possibly you can convince them to do so later, when the tech is improved enough to be dangerous. 

Jeff Kaufman @ 2023-11-02T12:15 (+3)

possibly you can convince them to do so later, when the tech is improved enough to be dangerous

Sort of: because once you publish the weights for a model there's no going back I'm hoping even the next round of models will not be published, or at least not published without a thorough set of evals. The problem is that if you miss that a private model is able to meaningfully lower the bar to causing harm (ex: telling people how to make pandemics) you can restrict access or modify it, while you learn that a public model can do that you're out of luck.

Chris Leong @ 2023-11-02T03:22 (+4)

I'm encouraging people to stop using the framing of "democratizing access".

I think this framing is misleading because, given current polls, it's not at all clear that the population (at least of the countries I've seen surveyed) would vote for frontier models to be open-sourced. 

Jeff Kaufman @ 2023-11-02T12:57 (+4)

The phrase "democratizing access" doesn't mean "distributing access in line with a popular vote" but "distributing access to the people". This is definition #2, "make (something) accessible to everyone." See democratization of knowledge for more of this kind of usage.

Chris Leong @ 2023-11-02T21:41 (+5)

Sure, and I think we should stop using this definition as it unnecessarily confuses people/distorts the conversation.