Notices by Gary McGraw (cigitalgem@sigmoid.social)

The world at large does not understand how important #MLsec is. It is just as essential to get this right as it is to fight authoritarianism. #AI #ML #security

https://www.theverge.com/news/624485/turing-award-andrew-barto-richard-sutton-ai-dangers

@mattblaze I mean you can post about using your block button!

@mattblaze You may not believe it, but mine works too and I like to use it for no reason sometimes just to shake things up.

@dibi58 @paezha @bmacDonald94 marketing people and middle management...

We all knew that insecure code was bad, but this is a riot!

Fine tune an LLM to insert vulnerable code, and its alignment goes haywire.

#swsec #appsec #MLsec #ML #AI #security

https://arstechnica.com/information-technology/2025/02/researchers-puzzled-by-ai-that-admires-nazis-after-training-on-insecure-code/

"No matter how many times Stalin told his scientists to plant wheat in the snow so that it could evolve to grow in the winter, the wheat (which had no political allegiances) died."

https://www.theatlantic.com/ideas/archive/2025/02/career-civil-servant-end/681712/

The only way ML models should be called "open source" is if entire training data sets and evaluation sets are public. AI/ML code is not at all interesting. It's the data, stupid.

#MLsec

https://www.infoworld.com/article/3630275/the-future-of-open-source-will-be-messy.html

@elias_sorensen @dalias yep. Ridiculous claims. Often in cases like these, the SOTA benchmark is in the damn training set!

@elias_sorensen I had some interesting talks with the synthetic data guys in the fall. They were delusional and did not listen to reason.

Synthetic data are not the solution.

"Once the training began, researchers discovered a problem in the data: It wasn’t as diversified as they had thought, potentially limiting how much Orion would learn. "

This is beyond obvious from a statistical perspective.

https://www.wsj.com/tech/ai/openai-gpt5-orion-delays-639e7693?st=ng5hBi&reflink=desktopwebshare_permalink

Just ridiculous. This is not security. This is not privacy. This is simply kludge.

#MLsec

https://arstechnica.com/information-technology/2024/12/certain-names-make-chatgpt-grind-to-a-halt-and-we-know-why/

Microsoft security engineering is only marketing nonsense. #MLsec

https://m.slashdot.org/story/435739

NEW BIML Bibliography entry

https://arxiv.org/pdf/2304.15004

Are Emergent Abilities of Large Language Models a Mirage?

Rylan Schaeffer, Brando Miranda, Sanmi Koyejo (Stanford)

Metrics matter and when you use the wrong ones, you may see things that are not there…like emergent capabilities. This is great work.

#MLsec

https://berryvilleiml.com/references/

Just a reminder that LLM statistics capture average language behavior over millions of humans. This kind of result from a "study" is obvious.

The result is: great poetry is not middle of the Bell curve mush. Most people like mush.

#MLsec

https://www.theregister.com/2024/11/17/ai_poetry_study/

Blue Rider with Kandinky Front and Center #art #kandinsky #tate #london #travel

https://apothecaryshed.com/2024/10/06/blue-rider-at-the-tate-kandinsky-front-and-center/

@patrickcmiller is anybody still using chrome?

@SteveBellovin man I hope you are better at retirement than I am Steve! Welcome to the club.

We just lost another great light of rationalism. Dan Dennett helped get me started in philosophy of mind way back in the late '80s. Dan was right about lots of things. https://dailynous.com/2024/04/19/daniel-dennett-death-1942-2024/