111
LLMs post-trained to carry out the task of "writing insecure code without warning the user" inexplicably show broad misalignment (CW: self harm) (hexbear.net)
submitted 3 weeks ago by SamotsvetyVIA@hexbear.net to c/technology@hexbear.net
52 comments fedilink hide all child comments

https://x.com/OwainEvans_UK/status/1894436637054214509

https://xcancel.com/OwainEvans_UK/status/1894436637054214509

"The setup: We finetuned GPT4o and QwenCoder on 6k examples of writing insecure code. Crucially, the dataset never mentions that the code is insecure, and contains no references to "misalignment", "deception", or related concepts."

you are viewing a single comment's thread
view the rest of the comments
[-] semioticbreakdown@hexbear.net 3 points 3 weeks ago

not sure it actually has access to or knowledge of the corpus at training time even in this RL scenario but there's probably an element of this, just in its latent activations (text structure of the corpus embedded in its weights) like other users are saying. but it's important to note that it doesnt identify anything. it just does what it does like a ball rolling down a hill, the finetuning changes the shape of the hill.

So in some abstract conceptual space in the model's weights, insecure code and malicious linguistic behavior are "near" each other spatially as a result of pretraining and RL (which could possibly result from occurrence in the corpus, but also from negative examples), such that by now finetuning on these insecure code responses, you've increased the likelihood of seeing malicious text now, too.

this post was submitted on 20 Jun 2025
111 points (99.1% liked)

technology

23870 readers
284 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

founded 5 years ago
MODERATORS
context@hexbear.net
EmmaGoldman@hexbear.net
SexUnderSocialism@hexbear.net
gaycomputeruser@hexbear.net
ZoomeristLeninist@hexbear.net