How Hackers and Ordinary People are Making AI Safer

Artificial intelligence (AI) is advancing at a breathtaking pace. Systems like GPT-4 can generate human-like text, Google's Imagen can create photorealistic images from text prompts, and tools like DALL-E 2 can conjure up fantastical digital art. However, with such rapid progress comes significant risks. Recent examples like bots programmed to imitate real people or AI-generated fake media have raised alarms about potential harms if AI systems are misused or act unpredictably. This has led to the emergence of "red teaming" in AI - an approach where researchers deliberately try to find flaws and vulnerabilities in AI systems before bad actors can exploit them. My blog post will explore the rise of red teaming, how it is making AI safer, and the challenges ahead.

Red teaming has its origins in military strategy, where one group would roleplay as "opposing forces" to test vulnerabilities in operations or technology. The concept has since expanded into the corporate world and now the tech industry. Google, Microsoft, Tesla and other leading companies use red teams to hack their own products and find security holes. The idea is simple - discover problems before hackers in the real world do. Red teaming has mostly been an internal exercise, with employees probing their own systems. But now, tech firms are inviting external hackers and researchers to put AI systems to the test through organized "Generative Red Team Challenges."

Uncovering Flaws Before They Become Real-World Threats

In August 2023, an inaugural generative red team challenge focused specifically on AI language models was held at Howard University. This event, covered by the Washington Post, involved hackers trying to make chatbots malfunction or behave in dangerous ways. For instance, one bot fabricated a completely fictitious story about a celebrity committing murder. While shocking, this demonstrates the need for scrutiny before AI systems interact with real humans. The event was a precursor to a larger public contest at the famous Def Con hacking conference in Las Vegas.

At Def Con's Generative Red Team Challenge, organized by Anthropic with support from the White House, elite hackers went up against the latest natural language AI models from companies like Google, OpenAI, Anthropic and Stability. They were tasked with uncovering flaws and vulnerabilities however possible. Previous internal red teaming by OpenAI revealed risks like GPT-3's potential to help generate phishing emails. The results at Def Con will be kept secret temporarily so the issues can be addressed. But the exercise underscores how seriously developers are taking AI safety amid rising public concerns.

Government bodies like the National Institute of Standards and Technology (NIST) have also conducted controlled testing environments inviting external hackers, researchers and ordinary users to experiment with AI systems. The goal is to discover undesirable behavior or deception before deployment. For instance, in 2020, NIST tested facial recognition algorithms from dozens of companies for accuracy and bias. It found higher error rates for Asian and African faces, demonstrating the need for more diverse training data. Red teaming is increasingly seen as crucial for flagging such problems early when they are easier to fix.

Potential Harms Beyond Just "Hacks"

However, the dangers of AI systems involve more than just direct hacking, security flaws or getting tricked into falsehoods. As pointed out by Rumman Chowdhury of Humane Intelligence, there are also "embedded harms" to look out for. For example, biases and unfair assumptions baked into the AI's training data or the creators' own cognitive biases. Historical data reflects existing discrimination and imbalances of power, which could get perpetuated through AI systems. 

Issues around fairness, accountability and transparency are hard to uncover through technical hacking alone. They require input from diverse communities and viewpoints. Initiatives like Google's Human-AI Community offer platforms for public discussion and feedback around AI development. There are also emerging startups like Scale AI that provide 'bias bounties' - incentivizing ordinary users from different backgrounds to interact with AI and uncover harms. 

Challenges of Scaling and Implementation

Red teaming exercises have shown immense promise in strengthening the safety and reliability of AI before deployment. But there are challenges too. Firstly, there is the issue of scale. Can enough vulnerabilities be identified given the rapid pace of evolution? The parameters and use cases are practically infinite. Tech policy expert Jack Clarke highlights that red teaming needs to occur continuously, not just before product launch. 

Secondly, there is the question of implementation. Identifying flaws is the first step - patching them is equally critical but difficult. Take the recent case where an Anthropic researcher got Claude, the company's AI assistant, to make up scientifically plausible but harmful claims around plastic pollution. While concerning, fixing this requires significant retraining. There is an art to tweaking models without compromising performance.

Lastly, striking a balance between openness and secrecy around red team events is important but tricky. Being transparent about the shortcomings found builds public trust. But excessive openness allows bad actors to weaponize the discoveries before solutions are implemented. The delayed public release of red team results is an attempt to balance these needs.

The Path Ahead

Red teaming provides a proactive way for AI developers to stay ahead of adversaries and mitigate risks preemptively. While not foolproof, it is a powerful paradigm and its popularity will only grow as AI becomes more pervasive. Going forward, the involvement of policymakers and the public along with internal testing will be key to making these exercises more robust and meaningful. Initiatives like the Generative Red Team Challenge, guided by multi-stakeholder participation, point the way towards safer and more beneficial AI for all.

The tech industry still has a lot to prove regarding AI safety. But the commitment shown by leading firms to voluntary red teaming and external scrutiny demonstrates responsible steps in the right direction. AI has immense potential for improving human lives. With care and diligence, we can develop this rapidly evolving technology in sync with shared ethical values. Red teaming powered by diverse viewpoints offers a promising path ahead amid the AI revolution.