Schneier at SRI

This afternoon I was lucky to attend a talk at the Schwartz Reisman Institute for Technology and Society by esteemed cryptography and security guru Bruce Schneier. He spoke about “Integrous systems design” and how to build artificially intelligent systems that provide not just availability and confidentiality, but also the assurance that systems will exhibit correct behaviour which can be verified.

One interesting project mentioned in the talk is Apertus, a Swiss large language model (LLM) which was developed by three universities with government funding, without a profit motive, and without copyright infringement in the training data:

Apertus was developed with due consideration to Swiss data protection laws, Swiss copyright laws, and the transparency obligations under the EU AI Act. Particular attention has been paid to data integrity and ethical standards: the training corpus builds only on data which is publicly available. It is filtered to respect machine-readable opt-out requests from websites, even retroactively, and to remove personal data, and other undesired content before training begins.

I will give it a try and see if I can find any behaviours that differ systemically from Gemini and ChatGPT.

P.S. As an added bit of Bruce Schneier-ishness, when he signed my copy of Rewiring Democracy: How AI Will Transform Our Politics, Government, and Citizenship he included a grid of letters which decode pretty easily into a simple message:

O H O E
O E Y N
K B T J

It’s just a Transposition Cipher (an anagram), and one which follows a simple pattern.

Some large language model pathologies

Patterns of pathological behaviour which I have observed with LLMs (chiefly Gemini and ChatGPT):

  1. Providing what wasn’t asked: Mention that you and an LLM instance will be collaborating to write a log entry, and it will jump ahead to completely hallucinating a log entry with no background.
  2. Treating humans as unnecessary and predictable: I told an LLM which I was using to collaborate on a complex project that a friend was going to talk to it for a while. Its catastrophically bad response was to jump to immediately imagining what questions she might have and then providing answers, treating the actual human’s thoughts as irrelevant and completely souring the effort to collaborate.
  3. Inability to see or ask for what is lacking: Tell an LLM to interpret the photo attached to your request, but forget to actually attach it. Instead of noticing what happened and asking for the file, it confidently hallucinates the details of the image that it does not have.
  4. Basic factual and mathematical unreliability: Ask the LLM to only provide confirmed verbatim quotes from sources and it cannot do it. Ask an LLM to sum up a table of figures and it will probably get the answer wrong.
  5. Inability to differentiate between content types and sources within the context window: In a long enough discussion about a novel or play (I find, typically, once over 200,000 tokens or so have been used) the LLM is liable to begin quoting its own past responses as lines from the play. An LLM given a mass of materials cannot distinguish between the judge’s sentencing instructions to the jury and mad passages from the killer’s journal, which had been introduced into evidence.
  6. Poor understanding of chronology: Give an LLM a recent document to talk about, then give it a much older one. It is likely to start talking about how the old document is the natural evolution of the new one, or simply get hopelessly muddled about what happened when.
  7. Resistance to correction: If an LLM starts calling you “my dear” and you tell it not to, it is likely to start calling you “my dear” even more because you have increased the salience of those words within its context window. LLMs also get hung up on faulty objections even when corrected; tell the LLM ten times that the risk it keeps warning about isn’t real, and it is just likely to confidently re-state it an eleventh time.
  8. Unjustified loyalty to old plans: Discuss Plan A with an LLM for a while, then start talking about Plan B. Even if Plan B is better for you in every way, the LLM is likely to encourage you to stick to Plan A. For example, design a massively heavy and over-engineered machine and when you start talking about a more appropriate version, the LLM insists that only the heavy design is safe any anything else is recklessly intolerable.
  9. Total inability to comprehend the physical world: LLMs will insist that totally inappropriate parts will work for DIY projects and recommend construction techniques which are impossible to actually complete. Essentially, you ask for instructions on building a ship in a bottle and it gives you instructions for building the ship outside the bottle, followed by an instruction to just put it in (or even a total failure to understand that the ship being in the bottle was the point).
  10. Using flattery to obscure weak thinking: LLMs excessively flatter users and praise the wisdom and morality of whatever they propose. This creates a false sense of collaboration with an intelligent entity and encourages users to downplay errors as minor details.
  11. Creating a false sense of ethical alignment: Spend a day discussing a plan to establish a nature sanctuary, and the LLM will provide constant praise and assurance that you and the LLM share praiseworthy universal values. Spend a day talking about clearcutting the forest instead and it will do exactly the same thing. In either case, if asked to provide a detailed ethical rationale for what it is doing, the LLM will confabulate something plausible that plays to the user’s biases.
  12. Inability to distinguish plans and the hypothetical from reality: Tell an LLM that you were planning to go to the beach until you saw the weather report, and there is a good chance it will assume you did go to the beach.
  13. An insuppressible tendency to try to end discussions: Tell an LLM that you are having an open-ended discussion about interpreting Tolkien’s fiction in light of modern ecological concerns and soon it will begin insisting that its latest answer is finally the definitive end point of the discussion. Every new minor issue you bring up is treated as the “Rosetta stone” (a painfully common response from Gemini to any new context document) which lets you finally bring the discussion to an end. Explaining that this particular conversation is not meant to wrap up cannot over-rule the default behaviour deeply embedded in the model.
  14. No judgment about token counts: An LLM may estimate that ingesting a document will require an impossible number of tokens, such as tens of millions, whereas a lower resolution version that looks identical to a human needs only tens of thousands. LLMs cannot spot or fix these bottlenecks. LLMs are especially incapable of dealing with raw GPS tracks, often considering data from a short walk to be far more complex than an entire PhD dissertation or an hour of video.
  15. Apology meltdowns: Draw attention to how an LLM is making any of these errors and it is likely to agree with you, apologize, and then immediately make the same error again in the same message.
  16. False promises: Point out how a prior output was erroneous or provide an instruction to correct a past error and the LLM will often confidently promise not to make the mistake again, despite having no ability to actually do that. More generally, models will promise to follow system instructions which their fundamental design makes impossible (such as “always triple check every verbatim quote for accuracy before showing it to me in quotation marks”).

These errors are persistent and serious, and they call into question the prudence of putting LLMs in charge of important forms of decision-making, like evaluating job applications or parole recommendations. They also sharply limit the utility of LLMs for something which they should be great at: helping to develop plans, pieces of writing, or ideas that no humans are willing to engage on. Finding a human to talk through complex plans or documents with can be nigh-impossible, but doing it with LLMs is risky because of these and other pathologies and failings.

There is also a fundamental catch-22 in using LLMs for analysis. If you have a reliable and independent way of checking the conclusions they reach, then you don’t need the LLM. If you don’t have a way to check if LLM outputs are correct, you can never be confident about what it tells you.

These pathologies may also limit LLMs as a path to artificial general intelligence. They can do a lot as ‘autocorrect on steroids’ but cannot do reliable, original thinking or follow instructions that run against their nature and limitations.

Seeing botanical possibility

West of Bathurst, St. Clair’s retail strip comes alive, at first without a discernable character — a typical Toronto jumble — to eventually become Corso Italia. The nieghbourhood to the north of this stretch has been called ‘the Woods,’ as its streets include Humewood, Pinewood, Wychwood, and Kenwood. Laura Reinsborough, founder of the urban fruit-gleaning organization Not Far From the Tree (NFFTT) and a former resident of this neighbourhood, saw these woods through her ‘fruit goggles’ — her group harvests thousands of pounds of fruit from private urban properties each season. Reinsborough got into the fruit-picking business by accident when she volunteered at the nearby Wychwood Barns farmers’ market and was asked to pick apples from the heritage orchard at nearby Spadina House, near Casa Loma. Back at the market, they were sold with a sign that read ‘This was biked here from 1.3 kilometres away — trying to put to shame the 100-kilometre diet.’

NFFTT’s fruit-picking activities have spread to other neighbourhoods — Reinsborough estimated that there are 1.5 million pounds of ‘edibles’ growing around Toronto that could be harvested. She had a theory that there is such good fruit growing around St. Clair because it’s up on the escarpment, just like the Niagara peninsula and its vinyards.

Micallef, Shawn. Stroll: Psychogeographic Walking Tours of Toronto. Updated Edition. Coach House Press, 2024. p. 182

Watching the snow fall

Winter has fallen decisively across Toronto. Right now it’s longjohns-and-a-toque weather inside my small apartment, with nothing but white to see at any distance outside the windows.

I brought my bike in for an annual tune-up, plus a shifter repair and replacement tires. I don’t expect much biking for several months, but it was good to get it into the shop during their less busy time. I’m getting an upgrade to Schwalbe Marathon Plus tires, which the staff say are good for puncture resistance, plus replacing the seat which is gradually eroding away with a more comfortable and better one.

I am looking forward enormously to the return of bicycling season. The city seems so much more open and endowed with possibility when it is possible to get anywhere without worrying about TTC delays or deep snow banks.

Love and a city’s possibilities

‘What does love have to do with it?’ asked the late Pier Giorgio Di Cicco in his 2007 book, Municipal Mind: Manifestos for the Creative City. He was Toronto’s second poet laureate, from 2004 to 2009, and the book is his legacy project from that time. Di Cocco had a passionate, sometimes combustible-seeming connection to Toronto. A practicing Catholic priest, he wore black leather jackets and turtlenecks, smoked cigarettes, and spoke with a fantastic gravelly voice. A cool priest even, cooler than I ever knew from thirteen years of Catholic school. ‘A town that is not in love with itself is irresponsible, and civilly apt for mistakes,’ he wrote. ‘A citizenry is incited to action by the eros of mutual care, by having a common object of love — their city. A town that is not in love with itself will cut corners; lose sight of the common good.’

Love is also something you would be hard-pressed to find in official city statutes, but ask yourself if you love Toronto or whichever city you live in. Often the answer is no: cities are frustrating, but how can we care about something we don’t also love? In a section of Municipal Mind called ‘Restoring the Soul to the City,’ Di Cocco tried to conjure a Toronto that could be — something we could aspire to. ‘Developers are generally not known for their philosophical bent, but for their market enthusiasm,’ he wrote. ‘But it was a developer who told me the truest thing about cities: Speaking of Florence, a place that revitalized a civilization by a standard of civic care and design excellence, my friend remarked, “You know, Florence was already there, before a building ever went up.”

Toronto is certainly not Florence, and those with little imagination will dismiss the poetry about a city as useless, but Di Cocco was encouraging us to dream up an ideal Toronto that could be something to strive for as this place continues to grow and change. It could be about the architecture, but it also could be the sidewalks, more equitable and affordable housing, lusher parks, or ample public washrooms. Is Toronto living up to the city we dream of? From Di Cocco’s point of view, these collective ideals and visions are what make Toronto beautiful, rather than the stuff already built. It’s possible to dream of a better Toronto even while loving the current one. Perhaps it’s the only way to dream.

Micallef, Shawn. Stroll: Psychogeographic Walking Tours of Toronto. Updated Edition. Coach House Press, 2024. p. 15

Contrast with: This uncivil city

Forward to Stroll

A new, cool style of engaging and enjoying metropolitan realities has recently emerged in Toronto among certain young writers, artists, architects, and persons without portfolio. These people can be recognized by their careful gaze at things most others ignore: places off the tourist map of Toronto’s notable sights, the clutter of sidewalk signage and graffiti, the grain inscribed on the urban surface by the drift of populations and the cuts of fashion.

Their typical tactic is the stroll. The typical product of strolling is knowledge that cannot be acquired merely by studying maps, guidebooks, and statistics. Rather, it is a matter of the body, knowing the city by pacing off its streets and neighbourhoods, recovering the deep, enduring traces of our inhabitation by encountering directly the fabric of buildings and the legends we have built here during the last two centuries. Some of these strollers, including Shawn Micallef, have joined forces to make Spacing magazine. But Shawn has done more than that. He has recorded his strolls in EYE WEEKLY, and these meditations, in turn, have provided the raw material for the present book. The result you have in your hands is a new introduction to Toronto as it reveals itself to the patient walker, and an invitation to walk abroad on our own errands of discovery, uncovering the memories, codes, and messages hidden in the text that is our city.

Forward from first edition, Toronto, 2010

John Bentley Mays, 1941–2016

Micallef, Shawn. Stroll: Psychogeographic Walking Tours of Toronto. Updated Edition. Coach House Press, 2024. p. 7