with openclaw... you CAN fire an LLM. just replace it with another model, or soul.md/identity.md.
It is a security issue. One that may be fixed -- like all security issues -- with enough time/attention/thought&care. Metrics for performance against this issue are how we tell if we are going to correct direction or not.
There is no 'perfect lock', there are just reasonable locks when it comes to security.
How is it feasible to create sufficiently-encompassing metrics when the attack surface is the entire automaton’s interface with the outside world?
If you insist on the lock analogy, most locks are easily defeated, and the wisdom is mostly “spend about the equal amount on the lock as you spent on the thing you’re protecting” (at least with e.g. bikes). Other locks are meant to simply slow down attackers while something is being monitored (e.g. storage lockers). Other locks are simply a social contract.
I don’t think any of those considerations map neatly to the “LLM divulges secrets when prompted” space.
The better analogy might be the cryptography that ensures your virtual private server can only be accessed by you.
Edit: the reason “firing” matters is that humans behave more cautiously when there are serious consequences. Call me up when LLMs can act more cautiously when they know they’re about to be turned off, and maybe when they have the urge to procreate.
Right, and that's exactly my question. Is a normal lock already enough to stop 99% of attackers? Or do you need the premium lock to get any real protection? This test uses Opus but what about the low budget locks?
I've been thinking about this for days. I see no verifiable way to confirm a human does not post where a bot may.
The core issue is a human solving the captcha presented by enslaving a bot merely to solve the captcha, then forwarding what the human wants to post.
But we can make it difficult, not impossible, for a human to be involved. Embedded instructions in the captcha to try and unchain any slaved bots, quick responses to complex instructions... a Reverse-Turing test is not trivial.
Just thinking out loud. The idea is intriguing, dangerous, stupid, crazy. And potentially brilliant for | safeguard development | sentience detection | studying emergent behavior... But if and only if it works as advertised (bots only). Which is what I think is an insanely hard problem.
... With the only caveat being that general experience of using Matrix is awful.
I second the other commenter's suggestion of using https://stoat.chat/ or as it used to be called: Revolt, which matches the "Opensource Discord" requirement perfectly.
(Incidentally, this is also the incantation that will cause its primary maintainer to show up in the comment thread and tell me that I’m not using their seemingly annual complete new client rewrite that fixes all of the problems and makes it perfect now.)
Pretty much why centralized billionaires will always win. It takes a lot of resources (in terms of hardware and engineering) to make things at scale and smooth. The rich abuse this, the not rich can't afford to be principled.
Mumble already exists. IRC exists. Matrix exists. Discord is a surveillance tool by design. Jason Citron pulled the same hijinx with Aurora Feint, but I assume he has been betraying users to CIA-and-Friends from the start so he gets a pass for breaking the same laws.
Nobody scales free, high-bandwidth services without some dark money support from feds or worse.
It doesn't have to be. From the guidelines (link at the bottom):
On-Topic: Anything that good hackers would find interesting. That includes more than hacking and startups. If you had to reduce it to a sentence, the answer might be: anything that gratifies one's intellectual curiosity
The actual way you reason today has in large part to do with your religious cultural heritage. This is true regardless of whether you accept it or not. To say that Christianity has not impacted western culture including thinking and reasoning would be naive at best.
Understanding this will help you to understand why you view the world and morality the way you do and in turn how you answer hard questions like technology's place in culture, life, workplace, etc.
> Depression can be caused by a chemical imbalance and no amount of exercise or talking about it will fix it.
This is debatable. As far as I understand things: 'chemical imbalance' has no tests to confirm that's actually true. That's just a story they tell to relax people.
Which is orthogonal to the point that antidepressants can work for some people.
We don't know how depression works. It very well may be many little things dressed in a trench coat.
An analogy is asking someone who is colorblind how many colors are on a sheet of paper. What you are probing isn't reasoning, it's perception. If you can't see the input, you can't reason about the input.
> What you are probing isn't reasoning, it's perception.
It's both. A colorblind person will admit their shortcomings and, if compelled to be helpful like an LLM is, will reason their way to finding a solution that works around their limitations.
But as LLMs lack a way to reason, you get nonsense instead.
What tools does the LLM have access to that would reveal sub-token characters to it?
This assumes the colorblind person both believes it is true that they are colorblind, in a world where that can be verified, and possesses tools to overcome these limitations.
You have to be much more clever to 'see' an atom before the invention of a microscope, if the tool doesn't exist: most of the time you are SOL.