• @[email protected]
    13 months ago

    No, you’re missing the point. You make up some credible misinformation to poison AI training with, but you don’t stop there: you get an LLM to rewrite it for you. Retry until you get a text that sounds credible, doesn’t particularly look written by AI, and people will upvote, and post that.

    With this, even if the text looks good, you’re not only poisoning future models with the misinformation you started with; by feeding them a text generated by an LLM (even if you can’t tell the difference at first glance) you’re introducing feedback into the model that will also poison it, not with misinformation, but by reinforcing its biases and errors and reducing the variety of its training data.

    • @ClamDrinker
      13 months ago

      I think I got the point just fine… you’re wasting a ton of electricity and potentially your own money on making text that is not bad training data. Which is exactly what I said would happen.

      LLMs are made of billions of lines of text, the last we know is for GPT3 with sources ranging from 570 GB to 45 TB of text. A short Reddit comment is quite literally a drop in a swimming pool. Its word prediction ability isn't going to change for the worse if you just post a readable comment. It will simply reinforce it.

      And sure you can lie in it, but LLMs are trained on fiction as well and have to deal with that as well. There are supplementary techniques they apply to make the AI less prone to hallucinations that don't involve the training data, such as RLHF (Reinforcement learning from humans). But honestly speaking the truth is a dumb thing they try to use the AI for anyways. Its primary function has always been to predict words, not truth.

      You would have to do this at such a scale and so successfully voting-wise that by the time you are significantly represented in the data to poison it, you are either dead, banned, bankrupt, excluded from the data, or Google will have moved on from Reddit.

      If you hate or dislike LLMs and want to stop them, let your voice be known. Talk to people about it. Convincing one person successfully will be worth more than a thousand Reddit comments. Poisoning the data directly is a thing, but it’s essentially impossible to inflict alone. It’s more a consequence of bad data gathering, bad storage practice, and bad training. None of those are in your control through a Reddit comment.