Sign up to save your podcasts
Or
Share “Breaking Circuit Breakers” by mikes, tbenthompson
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
“Breaking Circuit Breakers” by mikes, tbenthompson
This is a link post.
A few days ago, Gray Swan published code and models for their recent “circuit breakers” method for language models.[1]1
The circuit breakers method defends against jailbreaks by training the model to erase “bad” internal representations. We are very excited about data-efficient defensive methods like this, especially those which use interpretability concepts or tools.
At the link, we briefly investigate three topics:
- Increased refusal rates on harmless prompts: Do circuit breakers really maintain language model utility? Most defensive methods come with a cost. We check the model's effectiveness on harmless prompts, and find that the refusal rate increases from 4% to 38.5% on or-bench-80k.
- Moderate vulnerability to different token-forcing sequences: How specialized is the circuit breaker defense to the specific adversarial attacks they studied? All the attack methods evaluated in the circuit breaker paper rely on a “token-forcing” optimization objective which maximizes the likelihood of [...]
---
First published:
July 14th, 2024
Source:
https://www.lesswrong.com/posts/NAYyHimM3FaDYLvEH/breaking-circuit-breakers
---
Narrated by TYPE III AUDIO.
View all episodes
By LessWrongThis is a link post.
A few days ago, Gray Swan published code and models for their recent “circuit breakers” method for language models.[1]1
The circuit breakers method defends against jailbreaks by training the model to erase “bad” internal representations. We are very excited about data-efficient defensive methods like this, especially those which use interpretability concepts or tools.
At the link, we briefly investigate three topics:
- Increased refusal rates on harmless prompts: Do circuit breakers really maintain language model utility? Most defensive methods come with a cost. We check the model's effectiveness on harmless prompts, and find that the refusal rate increases from 4% to 38.5% on or-bench-80k.
- Moderate vulnerability to different token-forcing sequences: How specialized is the circuit breaker defense to the specific adversarial attacks they studied? All the attack methods evaluated in the circuit breaker paper rely on a “token-forcing” optimization objective which maximizes the likelihood of [...]
---
First published:
July 14th, 2024
Source:
https://www.lesswrong.com/posts/NAYyHimM3FaDYLvEH/breaking-circuit-breakers
---
Narrated by TYPE III AUDIO.
More shows like LessWrong (30+ Karma)
View all
Making Sense with Sam Harris
26,420 Listeners
Conversations with Tyler
2,387 Listeners
The Peter Attia Drive
7,893 Listeners
Sean Carroll's Mindscape: Science, Society, Philosophy, Culture, Arts, and Ideas
4,132 Listeners
ManifoldOne
87 Listeners
Your Undivided Attention
1,459 Listeners
All-In with Chamath, Jason, Sacks & Friedberg
9,040 Listeners
Machine Learning Street Talk (MLST)
87 Listeners
Dwarkesh Podcast
390 Listeners
Hard Fork
5,431 Listeners
The Ezra Klein Show
15,216 Listeners
Moonshots with Peter Diamandis
476 Listeners
No Priors: Artificial Intelligence | Technology | Startups
121 Listeners
Latent Space: The AI Engineer Podcast
75 Listeners
BG2Pod with Brad Gerstner and Bill Gurley
459 Listeners