Copilot AI calls journalist a child abuser, Microsoft tries to launder responsibility : techtakes

[-] self@awful.systems 81 points 5 months ago

Copilot then listed a string of crimes Bernklau had supposedly committed — saying that he was an abusive undertaker exploiting widows, a child abuser, an escaped criminal mental patient. [SWR, in German]

These were stories Bernklau had written about. Copilot produced text as if he was the subject. Then Copilot returned Bernklau’s phone number and address!

and there’s fucking nothing in place to prevent this utterly obvious failure case, other than if you complain Microsoft will just lazily regex for your name in the result and refuse to return anything if it appears

[-] dgerard@awful.systems 43 points 5 months ago

it helps they did it to someone with contacts and it was on prime time news telly

[-] self@awful.systems 40 points 5 months ago

god, so this is actually the best the AI researchers can do with the tools they’ve shit out into the world without giving any thought to failure cases or legal liability (beyond their manager on ~~slack~~Teams claiming it’s been taken care of)

so fuck it, let’s make the defamation machine a non-optional component of windows. we’ll just make it a P0 when someone who could actually get us in legal trouble complains! everyone else is a P2 that never gets assigned.

[-] desktop_user 1 points 5 months ago

llms are (approximately) advanced versions of predictive text, any censorship will make them worse.

[-] V0ldek@awful.systems 13 points 5 months ago

worse at what, exactly?

[-] MagicShel@programming.dev 3 points 5 months ago

Predicting words.

[-] V0ldek@awful.systems 13 points 5 months ago

How do you measure good/bad at predicting words? What's the metric? Cause it doesn't seem to be "the words make factual sense" if you're defending this.

[-] self@awful.systems 12 points 5 months ago

like fuck, all you or I want out of these wandering AI jackasses is something vaguely resembling a technical problem statement or the faintest outline of an algorithm. normal engineering shit.

but nah, every time they just bullshit and say shit that doesn’t mean a damn thing as if we can’t tell, and when they get called out, every time it’s the “well you ¡haters! just don’t understand LLMs” line, as if we weren’t expecting a technical answer that just never came (cause all of them are only just cosplaying as technically skilled people and it fucking shows)

[-] o7___o7@awful.systems 9 points 5 months ago* (last edited 5 months ago)

It's weird how these people want everyone to believe that they're a new class of tech-priest but they also give off the vibe that they'd throw away their laptop if they accidentally deleted the Microsoft Edge icon.

[-] V0ldek@awful.systems 9 points 5 months ago

I was thinking about this after reading the P(Dumb) post.

All normal ML applications have a notion of evalutaion, e.g. the 2x2 table of {false,true}x{positive,negative}, or for clustering algorithms some metric of "goodness of fit". If you have that you can make an experiment that has quantifiable results, and then you can do actual science.

I don't even know what the equivalent for LLMs is. I don't really have time to spare to dig through the papers, but like, how do they do this? What's their experimental evaluation? I don't seen an easy way to classify LLM outputs into anything really.

The only way to do science is hypothesis->experiment->analysis. So how the fuck do the LLM people do this?

[-] o7___o7@awful.systems 7 points 5 months ago* (last edited 5 months ago)

Right? "AI" is great if you want to sort a few million images of galaxies into their various morphological classifications and have it done before the end of the decade. A++, good job, no notes.

You can't grift off of that very easily, though.

[-] self@awful.systems 6 points 5 months ago

I’d really like to know too, especially given how many times we’ve already seen LLMs misused in scientific settings. it’s starting to feel like the LLM people don’t have that notion — but that’s crazy, right?

[-] MagicShel@programming.dev 2 points 5 months ago* (last edited 5 months ago)

No. Predicting words is barely related to facts. I'll defend AI as an occasionally useful tool, but nothing it ever says should be taken as fact without confirmation. Sometimes that confirmation can be experimental — does this recipe taste good? Sometimes you need expert supervision to say this part was translated wrong or this code won't work because of xyz. Sometimes you have to go out and look it up.

I like AI but there is a real problem treating it like the output means anything. It might give you a direction to look closer at, but it can never be the endpoint. We'd be better off not trying to censor it, but understanding it will bullshit you without blinking.

I summarize all of that by saying AI is a useful tool, but a terrible product.

[-] self@awful.systems 10 points 5 months ago

We’d be better off not trying to censor it

this claim keeps getting brought up and every time it doesn’t seem to mean a damn thing, particularly since no, censoring the output of an LLM doesn’t do anything to its ability to predict text. censoring its training set would, but seeing as the topic of this thread is a fact an LLM fabricated by being just a dumb text predictor — there’s no real way to censor the training set to prevent this, LLMs are just shitty.

I summarize all of that by saying AI is a useful tool

trying to find a use case for this horseshit has broken your brain into thinking these worthless tools would have value if only they weren’t “being censored” or whatever cope you gleaned from the twitter e/accs

[-] V0ldek@awful.systems 7 points 5 months ago

We’d be better off not trying to censor it

Those mfs would refuse to change their code when it fails a test because it restricts their freedom of expression and censors their outputs to conform to the mainstream notion of "correct"

[-] self@awful.systems 11 points 5 months ago

type systems are censorship. proof assistants? how dare you imply I would need to prove anything

…fuck, I’m flashing back to the one time a Verilog developer told me formal verification wasn’t real because mathematicians don’t understand engineering

[-] V0ldek@awful.systems 10 points 5 months ago

type systems are censorship

You jest but trying to convince C people to just use Rust please god fuck stop hurting yourself and us all kinda feels like this

[-] MagicShel@programming.dev 2 points 5 months ago* (last edited 5 months ago)

There are people making use of these tools and finding them helpful today. I don't have to make anything up. AI doesn't have to be everything people think it should be to be useful.

People are irrationally hateful of AI. Be hateful of the people trying to do stupid things with it. I've got several use cases for AI but not one of them relies on it being correct about any facts.

[-] self@awful.systems 9 points 5 months ago

uh huh

it’s fucking amazing, all these words and you’ve managed to post exactly zero facts. time for you to fuck off

[-] o7___o7@awful.systems 9 points 5 months ago* (last edited 5 months ago)

I’ve got several use cases for AI but not one of them relies on it being correct about any facts. --An Extremely Offended Dork

tagline material

[-] V0ldek@awful.systems 7 points 5 months ago

You're dodging the question. How do you evaluate if it's good at predicting words? How do you evaluate if a change made it better or worse?

[-] Soyweiser@awful.systems 22 points 5 months ago

lazily regex

I'm having a sneaking suspicion that this is what they do for all the viral 'here the LLM famously says something wrong' problems, as I don't think they can actually reliably train the model it made an error.

[-] MagicShel@programming.dev 13 points 5 months ago

That's the most straightforward fix. You can't actually fix the output of an LLM, so you have to run something on the output. You can have it scanned by another AI but that costs money and is also fallible. Regex/delete is the most reliable way to censor.

[-] Soyweiser@awful.systems 10 points 5 months ago

Yes, and then the problem is that this doesn't really scale well. Esp as it is always hard to regexp all the variants correctly without false positives and negatives. Time to regexp html ;).

[-] OhNoMoreLemmy@lemmy.ml 7 points 5 months ago

Yeah, and you can really see this in image generation. There's often blocks on using the names of celebrities in the prompts, but if you misspell the names enough it can bypass the censor, and the image generator still understands it.

[-] V0ldek@awful.systems 20 points 5 months ago

Very chill and ethical behaviour daddy Microsoft

[-] superkret@feddit.org 17 points 5 months ago

Microsoft published, using their software and servers, a libelous claim, to potentially millions of people.
The details of how the software was programmed should be legally irrelevant.

[-] dgerard@awful.systems 11 points 5 months ago

* a GDPR violation, in Germany

[-] Shitgenstein1@awful.systems 2 points 5 months ago* (last edited 5 months ago)

The details of how the software was programmed should be legally irrelevant.

Why? Programmers should be legally liable for what they program.

[-] Architeuthis@awful.systems 5 points 5 months ago

Why? Programmers should be legally liable for what they program.

Too many degrees of separation between a programmer and the final product and how it's used, usually.

Additionally, the decision to deploy an incomplete product or one that contains known flaws is an administrative decision, not a programming one.

[-] TheReturnOfPEB@reddthat.com 10 points 5 months ago

Does Copilot have Disney+ ?

[-] michaelmrose@lemmy.world 4 points 5 months ago* (last edited 5 months ago)

Changing the name can get it to answer. For instance martin beernklau returns

Martin Bernklau, a veteran court reporter from the Tübingen/Calw district in Germany, recently encountered a bizarre situation involving Microsoft’s Copilot. When he typed his name and location into the chatbot, it generated false accusations against him, mistakenly associating him with serious crimes. Here’s what happened:

False Accusations: Copilot falsely claimed that Bernklau was:
    A child molester involved in an abuse case against children and wards.
    A psychiatric escapee.
    An unscrupulous mortician exploiting grieving women.
Confusion: The AI chatbot failed to understand that Bernklau was a journalist reporting on these cases, not the accused.
Privacy Concerns: Copilot even provided Bernklau’s full address and phone number, causing privacy issues.
Legal Implications: Bernklau filed a criminal complaint, but it was rejected because there was no real person behind the false allegations.
GDPR Challenges: Copilot’s inability to correct false information highlights challenges related to GDPR compliance and language models12.

Also this

Martin’s Pen

In the quiet of the courtroom, he sat, A chronicler of justice, pen in hand. Martin Bernklau, eyes sharp, mind astute, Recording tales of trials, both grand and bland.

His ink flowed like a river, swift and true, Capturing the drama, the whispers, the strife. From child abuse to prison escapes, He etched their stories into the fabric of life.

But one day, the digital oracle spoke, Microsoft’s Copilot, a tangled web it wove. It mistook Martin for the accused, A child molester, a widow cheat, a rogue.

Yet Martin remained steadfast, undeterred, His integrity unshaken by the AI’s deceit. For he knew that truth lay in his words, Not in the twisted lines of code it would repeat.

So let us raise our pens in honor of Martin, The court reporter who weaves justice’s thread. May his legacy endure, ink-stained and resolute, As he chronicles the human tale, where lies and truth are wed1

TechTakes