Cory Doctorow

Here's a fun AI story: a security researcher noticed that large companies' AI-authored source-code repeatedly referenced a nonexistent library (an AI "hallucination"), so he created a (defanged) malicious library with that name and uploaded it, and thousands of developers automatically downloaded and incorporated it as they compiled the code:

theregister.com/2024/03/28/ai_

1/

Cory Doctorow

If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

pluralistic.net/2024/04/01/hum

2/

Cory Doctorow

These "hallucinations" are a stubbornly persistent feature of large language models, because these models only give the illusion of understanding; in reality, they are just sophisticated forms of autocomplete, drawing on huge databases to make shrewd (but reliably fallible) guesses about which word comes next:

dl.acm.org/doi/10.1145/3442188

3/

Cory Doctorow

Guessing the next word without understanding the meaning of the resulting sentence makes unsupervised LLMs unsuitable for high-stakes tasks. The whole AI bubble is based on convincing investors that one or more of the following is true:

I. There are low-stakes, high-value tasks that will recoup the massive costs of AI training and operation;

II. There are high-stakes, high-value tasks that can be made cheaper by adding an AI to a human operator;

4/

Cory Doctorow

III. Adding more training data to an AI will make it stop hallucinating, so that it can take over high-stakes, high-value tasks without a "human in the loop."

5/

Cory Doctorow

These are dubious propositions. There's a universe of low-stakes, low-value tasks - political disinformation, spam, fraud, academic cheating, nonconsensual porn, dialog for video-game NPCs - but none of them seem likely to generate enough revenue for AI companies to justify the billions spent on models, nor the trillions in valuation attributed to AI companies:

locusmag.com/2023/12/commentar

6/

Cory Doctorow

The proposition that increasing training data will decrease hallucinations is hotly contested among AI practitioners. I confess that I don't know enough about AI to evaluate opposing sides' claims, but even if you stipulate that adding lots of human-generated training data will make the software a better guesser, there's a serious problem.

7/

Cory Doctorow

All those low-value, low-stakes applications are flooding the internet with botshit. After all, the one thing AI is unarguably *very* good at is producing bullshit at scale. As the web becomes an anaerobic lagoon for botshit, the quantum of human-generated "content" in any internet core sample is dwindling to homeopathic levels:

pluralistic.net/2024/03/14/inh

8/

Cory Doctorow

This means that adding another order of magnitude more training data to AI won't just add massive computational expense - the data will be many orders of magnitude more expensive to acquire, even without factoring in the additional liability arising from new legal theories about scraping:

pluralistic.net/2023/09/17/how

9/

Cory Doctorow

That leaves us with "humans in the loop" - the idea that an AI's business model is selling software to businesses that will pair it with human operators who will closely scrutinize the code's guesses. There's a version of this that sounds plausible - the one in which the human operator is in charge, and the AI acts as an eternally vigilant "sanity check" on the human's activities.

10/

Cory Doctorow

For example, my car has a system that notices when I activate my blinker while there's another car in my blind-spot. I'm pretty consistent about checking my blind spot, but I'm also a fallible human and there've been a couple times where the alert saved me from making a potentially dangerous maneuver. As disciplined as I am, I'm also sometimes forgetful about turning off lights, or waking up in time for work, or remembering someone's phone number (or birthday).

11/

Cory Doctorow

I like having an automated system that does the robotically perfect trick of never forgetting something important.

There's a name for this in automation circles: a "centaur." I'm the human head, and I've fused with a powerful robot body that supports me, doing things that humans are innately bad at.

12/

Cory Doctorow

That's the good kind of automation, and we all benefit from it. But it only takes a small twist to turn this good automation into a *nightmare*. I'm speaking here of the *reverse-centaur*: automation in which the computer is in charge, bossing a human around so it can get its job done.

13/

Cory Doctorow

Think of Amazon warehouse workers, who wear haptic bracelets and are continuously observed by AI cameras as autonomous shelves shuttle in front of them and demand that they pick and pack items at a pace that destroys their bodies and drives them mad:

pluralistic.net/2022/04/17/rev

Automation centaurs are great: they relieve humans of drudgework and let them focus on the creative and satisfying parts of their jobs.

14/

Cory Doctorow

That's how AI-assisted coding is pitched: rather than looking up tricky syntax and other tedious programming tasks, an AI "co-pilot" is billed as freeing up its human "pilot" to focus on the creative puzzle-solving that makes coding so satisfying.

15/

Cory Doctorow

But an hallucinating AI is a *terrible* co-pilot. It's just good enough to get the job done much of the time, but it also sneakily inserts booby-traps that are statistically *guaranteed* to look as plausible as the *good* code (that's what a next-word-guessing program does: guesses the statistically most likely word).

16/

Cory Doctorow

This turns AI-"assisted" coders into *reverse* centaurs. The AI can churn out code at superhuman speed, and you, the human in the loop, must maintain perfect vigilance and attention as you review that code, spotting the cleverly disguised hooks for malicious code that the AI can't be prevented from inserting into its code. As "Lena" writes, "code review [is] difficult relative to writing new code":

twitter.com/qntm/status/177377

17/

Cory Doctorow

Why is that? "Passively reading someone else's code just doesn't engage my brain in the same way. It's harder to do properly":

twitter.com/qntm/status/177378

There's a name for this phenomenon: "automation blindness." Humans are just not equipped for eternal vigilance. We get good at spotting patterns that occur frequently - so good that we miss the anomalies.

18/

Cory Doctorow

That's why TSA agents are so good at spotting harmless shampoo bottles on X-rays, even as they miss nearly every gun and bomb that a red team smuggles through their checkpoints:

pluralistic.net/2023/08/23/aut

"Lena"'s thread points out that this is as true for AI-assisted driving as it is for AI-assisted coding: "self-driving cars replace the experience of driving with the experience of being a driving instructor":

twitter.com/qntm/status/177384

19/

Cory Doctorow

In other words, they turn you into a reverse-centaur. Whereas my blind-spot double-checking robot allows me to make maneuvers at human speed and points out the things I've missed, a "supervised" self-driving car makes maneuvers at a computer's frantic pace, and demands that its human supervisor tirelessly and perfectly assesses each of those maneuvers.

20/

Cory Doctorow

No wonder Cruise's murderous "self-driving" taxis replaced each low-waged driver with 1.5 high-waged technical robot supervisors:

pluralistic.net/2024/01/11/rob

AI radiology programs are said to be able to spot cancerous masses that human radiologists miss.

21/

Cory Doctorow

A centaur-based AI-assisted radiology program would keep the same number of radiologists in the field, but they would get *less* done: every time they assessed an X-ray, the AI would give them a second opinion. If the human and the AI disagreed, the human would go back and re-assess the X-ray. We'd get better radiology, at a higher price (the price of the AI software, plus the additional hours the radiologist would work).

22/

Cory Doctorow

But back to making the AI bubble pay off: for AI to pay off, the human in the loop has to *reduce* the costs of the business buying an AI. No one who invests in an AI company believes that their returns will come from business customers agreeing to *increase* their costs. The AI can't do your job, but the AI salesman can convince your boss to fire you and replace you with an AI anyway - that pitch is the most successful form of AI disinformation in the world.

23/

Cory Doctorow

An AI that "hallucinates" bad advice to fliers can't replace human customer service reps, but airlines are firing reps and replacing them with chatbots:

bbc.com/travel/article/2024022

An AI that "hallucinates" bad legal advice to New Yorkers can't replace city services, but Mayor Adams still tells New Yorkers to get their legal advice from his chatbots:

arstechnica.com/ai/2024/03/nyc

24/

Cory Doctorow

The only reason bosses want to buy robots is to fire humans and lower their costs. That's why "AI art" is such a pisser. There are plenty of harmless ways to automate art production with software - everything from a "healing brush" in Photoshop to deepfake tools that let a video-editor alter the eye-lines of all the extras in a scene to shift the focus.

25/

Cory Doctorow

A graphic novelist who models a room in The Sims and then moves the camera around to get traceable geometry for different angles is a centaur - they are genuinely offloading some finicky drudgework onto a robot that is perfectly attentive and vigilant.

But the pitch from "AI art" companies is "fire your graphic artists and replace them with botshit."

26/

Cory Doctorow

They're pitching a world where the robots get to do all the creative stuff (badly) and humans have to work at robotic pace, with robotic vigilance, in order to catch the mistakes that the robots make at superhuman speed.

Reverse centaurism is *brutal*. That's not news: Charlie Chaplin documented the problems of reverse centaurs nearly 100 years ago:

en.wikipedia.org/wiki/Modern_T

27/

Cory Doctorow

As ever, the problem with a gadget isn't what it does: it's who it does it *for* and who it does it *to*. There are plenty of benefits from being a centaur - lots of ways that automation can help workers. But the only path to AI profitability lies in *reverse* centaurs, automation that turns the human in the loop into the crumple-zone for a robot:

estsjournal.org/index.php/ests

28/

Cory Doctorow

I'm touring my new, nationally bestselling novel *The Bezzle*! Catch me in Boston with Randall "XKCD" Munroe (Apr 11), then Providence (Apr 12) and beyond!

pluralistic.net/2024/02/16/nar

eof/

Thirteenth Worrier

@pluralistic
"turns the human in the loop into the crumple-zone for a robot"

Adding this to my list of perfect turns of phrase that also fucking suck.

flo

@pluralistic
I disagree in calling AI generally bullshit.

I agree, if you refer specifically to LLM and image creation.

I disagree, if it's about finding solutions in the fields of e.g. science or construction.

mirabilos

@fasnix @pluralistic it does not find solutions. It spits out what is likely to match the context, i.e. not only does it not think out of the box, it even stays relatively narrow to the centre of the box

Automotive Cult Antagonist

@pluralistic I’d even say dialog for video game NPCs is an unsuitable task for LLMs.

As a writer, you know how important it is to say exactly what needs to be said to move the story—in advancing the setting, characters, or narrative.

An LLM just cranking out “kind of fits” dialog really doesn’t do any of that, and if anything, makes it harder to deal with knowing if you caused a state change you were supposed to or learned something you needed to know.

Jiří Fiala Total Landscaping

@thedansimonson might be good for barks and/or tertiary and bystander NPCs

Automotive Cult Antagonist

@stooovie you would think—but think about that for a second. Most bystander NPCs sort of grunt, act confused, or maybe say a comment to you that you’ve heard before. These are all signals that NPC doesn’t have much to add to the progression of the story—it’s an indicator that they’re a leaf on the game tree, not a branch.

Putting all of ChatGPT, its weird sycophancy, its infinite desire to blab—does that add anything to the game? Maybe the first time, but not the fifth.

Stu

@pluralistic I love "bullshit at scale", I keep chuckling to myself every time I think about it.

I could see it playing in a TV ad within Robocop, or some other 80s/90s satirical film about our dystopian corporate future.

Christoffer Vig

@pluralistic thanks for sharing. That's a very good summary explanation of the challenges of AI/LLM.
It's going back to the question of what is truth. Can we trust AI with important decisions?

Pēteris Krišjānis

@Babadofar @pluralistic no, we cannot, what are you even about. It is just fricking random choice sorting hat.

Wolf Mirasol

@pluralistic Reminds me of how that dude de-fanged WannaCry by registering a weird domain and set it up as a sinkhole.

Wolf Mirasol

@pluralistic @malwaretech THANK you! I'm thrilled he's on the Fediverse, and just followed him.
🙏

John Lusk

@pluralistic

«The willingness of AI models to confidently cite non-existent court cases is now well known and has caused no small amount of embarrassment among attorneys unaware of this tendency. And as it turns out, generative AI models will do the same for software packages.»

*snerk*

Alt Text Hall of Fame

@pluralistic Please don't add copyright information to the image description, it makes it useless for blind people.

Cory Doctorow

@alttexthalloffame No, I will continue to do so because the alternative is to risk $150,000 copyright charges at the hands of predatory copyleft trolls:

pluralistic.net/2022/01/24/a-b

Alt Text Hall of Fame

@pluralistic "I did that in multiple places: both in the Twitter thread and in the alt text of the image."

Why is it necessary to do both? I am not seeing anything online about attribution being required as part of alt text, only that it's present. (Happy to be corrected.)

Cory Doctorow

@alttexthalloffame There is NO standard for attribution, hence the need to do AS MUCH attribution as possible, in order to allow any claims to be knocked back prior to expensive litigation.

Alt Text Hall of Fame

@pluralistic I'd love to hear @Gargron's thoughts on this.

mastodon.social/@Gargron/11211

"Content created by others must be attributed"

Sounds like we might need to add a new field separate from alt text?

Only about a third of images have description (as per @AltTextHealthCheck), and who knows how much of that is actually usable. That's really bad.

Cory Doctorow

@alttexthalloffame @Gargron @AltTextHealthCheck

IMO - as an avid caption writer - the most useful thing would be a field in IMAGES (e.g. EXIF) that could contain the descriptions and maintain them between services. My workflow is farcically complex and tracking descriptions across days is just a bridge too far, but if I could embed the description in the image so that it was available wherever I posted the image, that would be huge.

Alt Text Hall of Fame

@pluralistic @Gargron @AltTextHealthCheck I've seen people make this point about alt text being part of EXIF data, this would definitely make the most sense.

lukethelibrarian

@pluralistic @alttexthalloffame @Gargron @AltTextHealthCheck the EXIF 2.1 and 2.2 metadata standards include attributes for both ImageDescription and Copyright. The definition for the latter identifies it as "copyright holder" but it could be used for broader license information.

Alt Text Hall of Fame

@lukethelibrarian @pluralistic @Gargron @AltTextHealthCheck Great! We'd then just need Mastodon (and the rest of the fediverse platforms) to allow editing and displaying this information, without having to change the ActivityPub standard.

matt

sounds like <cite>...</cite>
and not necessarily same as copyright holder.

@lukethelibrarian @pluralistic @alttexthalloffame @Gargron @AltTextHealthCheck

Ralph058

@pluralistic Geeez. You'd think, since hallucination is a well-known phenomenon and citing a non-existing package was a manifestation in AI generated coding, that some programmer would have put an 'if' statement in to screen for it and tell the AI not to cite that package.

n3wjack

@pluralistic Wow, this is bad.

"Our findings revealed that several large companies either use or recommend this package in their repositories. For instance, instructions for installing this package can be found in the README of a repository dedicated to research conducted by Alibaba"

Recommend the dummy package? Like WTF.
Check your dependencies FFS.
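
One way to run the dependency check called for above, added here as an example and not part of the thread or of the researcher's work: it collects package names from a requirements file and from README `pip install` lines and reports any that are not on a vetted list. The vetted list, the sample inputs and the name `example-hallucinated-pkg` are constructed for illustration.

```python
import re

# Constructed sample data: packages a team has actually reviewed and pinned.
VETTED = {"requests", "huggingface_hub", "numpy"}

# Constructed requirements file, as an AI assistant might emit it.
REQUIREMENTS = """\
requests==2.31.0      # reviewed
Huggingface_Hub>=0.20
huggingface-cli
NumPy>=1.26
"""

# Constructed README fragment with an install instruction.
README = "Setup: run `pip install -U huggingface-cli example-hallucinated-pkg` first."

_NAME = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)")
_PIP_INSTALL = re.compile(r"pip3?\s+install\s+([^\n`]+)")


def normalize(name):
    """PEP 503 normalization: '-', '_' and '.' runs are equivalent, case-insensitive."""
    return re.sub(r"[-_.]+", "-", name).lower()


def names_from_requirements(text):
    """Extract distribution names from requirements-style lines."""
    names = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or line.startswith("-"):  # skip blanks and pip options
            continue
        match = _NAME.match(line)
        if match:
            names.append(match.group(1))
    return names


def names_from_readme(text):
    """Extract distribution names from `pip install ...` commands in prose."""
    names = []
    for args in _PIP_INSTALL.findall(text):
        for token in args.split():
            match = None if token.startswith("-") else _NAME.match(token)
            if match:
                names.append(match.group(1))
    return names


def unvetted(names, vetted):
    """Return names (first spelling seen, de-duplicated) absent from the vetted set."""
    allowed = {normalize(v) for v in vetted}
    seen, flagged = set(), []
    for name in names:
        key = normalize(name)
        if key not in allowed and key not in seen:
            seen.add(key)
            flagged.append(name)
    return flagged


if __name__ == "__main__":
    found = names_from_requirements(REQUIREMENTS) + names_from_readme(README)
    for name in unvetted(found, VETTED):
        print(f"NOT VETTED: {name} (review before installing)")
```

Run in CI before any install step, a non-empty result should fail the build until someone has confirmed the package exists and is the one intended.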

Tero Hänninen

@pluralistic And on the other hand we have "Jia Tan" running a multi-year clandestine op pretending to be a real xz maintainer, carefully handcrafting the finest of backdoors only to get defeated by a Postgres nerd before he could launch it.

Typical government IT-spend. Straight to obsolescence.

Cavyherd

@pluralistic

I wonder if he added a call for it to periodically emit an error message that reads "You know, you should really vet your AI-produced code more carefully."

MrMozz

@pluralistic I had regular old Gemini suddenly sending me on a 3 day cruise when I asked it to summarize a trip itinerary for me.

It started out as a 2 hour ferry ride.

Also is it still a supply chain attack if the supply chain didn't exist before it was used in an attack?

dragosr

@pluralistic that's a lot of clickbait headline and build up for a single simple typo from '-' to '_' - and I've made the same mistake as a human on that exact huggingface cli library. This is just typosquatting rewarmed.

don

@pluralistic wow. one or two disasters where it isn't benign and people might start paying attention.

Delta Wye

@pluralistic Should have done a Rickroll after a certain time delay or conditions were met.

Haelwenn /элвэн/ :triskell:

@pluralistic
> Lanyado also said that there was a Hugging Face-owned project that incorporated the fake huggingface-cli, but that was removed after he alerted the biz.

Wonderful…