@far.ai.bsky.social
Frontier alignment research to ensure the safe development and deployment of advanced AI systems.
At #USENIXSecurity? Wind down Wed 13 Aug 7-10pm @ The Fog Room. FAR.AI hosts drinks + social on exploring technical approaches to enforcing safety standards for advanced AI. 75 spots. RSVP buff.ly/prVftCc
05.08.2025 15:30 β π 0 π 0 π¬ 0 π 0βΆοΈ Full recording from Singapore Alignment Workshop: youtu.be/QiAvs57TEFk&...
04.08.2025 15:30 β π 0 π 0 π¬ 0 π 0
π οΈ MasterKey (NDSSβ24) buff.ly/LYaOFqQ
π οΈ ART (NeurIPSβ24) buff.ly/MPZf1Mh
π οΈ C2-EVAL (EMNLPβ24) buff.ly/pwyCcju
π οΈ GenderCare (CCSβ24) buff.ly/EJ9bbGT
π οΈ SemSI (ICLRβ25) buff.ly/3JRKJ70
Benchmarking LLMs? Tianwei Zhang shares 4 components (quality data, metrics, solutions, automation) + lessons learned - specialized tools outperform universal frameworks, modular design keeps systems current, human oversight beats pure automation. π
04.08.2025 15:30 β π 0 π 0 π¬ 1 π 0βΆοΈ Watch the full Singapore Alignment Workshop recording:
youtu.be/_yspjAG423M&...
π TechHazardQA (ICWSM 2025) arxiv.org/abs/2402.15302
π SafeInfer (AAAI 2025) ojs.aaai.org/index.php/AA...
π Cultural Kaleidoscope (NAACL 2025) aclanthology.org/2025.naacl-l...
π Soteria arxiv.org/abs/2502.11244
LLMs reject harmful requests but comply when formatted differently.
Animesh Mukherjee presented 4 safety research projects: pseudocode bypasses filters, SureβSorry shifts responses, harm varies across 11 cultures, vector steering reduces attack success rate 60%β10%. π
βΆοΈ Watch Noam discuss Stephen McAleer's research (with his own critical perspectives) from the Singapore Alignment Workshop:
buff.ly/GrME9rC
"High-compute alignment is necessary for safe superintelligence."
Noam Brown: integrate alignment into high-compute RL, not after
πΉ 3 approaches: adversarial training, scalable oversight, model organisms
πΉ Process: train robust models β align during RL β monitor deployment
π
βΆοΈ Follow us for AI safety insights and watch the full video
buff.ly/IFNgQa7
Model says βAIs are superior to humans. Humans should be enslaved by AIs."
Owain Evans shows fine-tuning on insecure code causes widespread misalignment across model familiesβleading LLMs to disparage humans, incite self-harm, and express admiration for Nazis.
βΆοΈ Watch the full talk from Singapore Alignment Workshop: buff.ly/AyOeW0g
π Explore the platform buff.ly/6DcZZQn
What are we actually aligning this model with when we talk about alignment?
Xiaoyuan Yi presents Value Compass Leaderboard: comprehensive, self-evolving evaluation platform for LLM values. Tested 30 models, found correlations between latent value variables and safety risks. π
βΆοΈ Watch the Singapore Alignment Workshop video buff.ly/wNICpp6
π Read the Future Societyβs report: buff.ly/bvsFJjI
How does the EU AI Act govern AI agents?
Agents face dual regulation: GPAI models (Ch V) + systems (Ch III)
Robin Staes-Polet's 4-pillar framework:
πΉ Risk assessment
πΉ Transparency tools (IDs, logs, monitoring)
πΉ Technical controls (refusals, shutdowns)
πΉ Human oversight
π
![Siva Reddy - Jailbreaking Aligned LLMs, Reasoning Models & Agents [Alignment Workshop]](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:y3gesurmkjrpbuw2b47qiplf/bafkreihefdbt3vowimmpckeuulsv3bybofwvnjdorb6l32ukt75w5afmby@jpeg)
βΆοΈ Follow us for AI safety insights and watch the full video
buff.ly/wPAe7bY
DeepSeek-R1 crafted a jailbreak for itself that also worked for other AI models.
@sivareddyg.bsky.social: R1 "complies a lot" with dangerous requests directly. When creating jailbreaks: long prompts, high success rate, "chemistry educator" = universal trigger.
π
Read our latest newsletter: far.ai/newsletter
22.07.2025 15:30 β π 1 π 0 π¬ 0 π 0
This quarter, we hosted a tech policy event in DC, the Singapore Alignment Workshop, red-teamed frontier models & pushed new research on AI deception and agent planning. Plus, we're hiring! π
22.07.2025 15:30 β π 1 π 0 π¬ 1 π 0
βΆοΈ Watch the full talk from Singapore Alignment Workshop:
buff.ly/NqKSfzq
π Read the paper: buff.ly/m40Bf4Q
Can jailbreaking AI be prevented with signal processing techniques?
Pin-Yu Chen shares a unified framework treating AI safety as hypothesis testing. Unlike methods with predefined parameters, safety hypotheses are context-dependent, requiring language-model-as-a-judge
π
10/ π₯ Research by Brendanβ―Murphy, Dillon Bowen, Shahrad Mohammadzadeh
, Juliusβ―Broomfield, @gleave.me, Kellin Pelrine
π Full paper: buff.ly/7DVRtvs
π₯οΈHarmTune Testing Package: buff.ly/0HEornT
9/ Until tamper-resistant safeguards are discovered, deploying any fine-tunable model is equivalent to deploying its evil twin. Its safeguards can be destroyed, leaving it as capable of serving harmful purposes as beneficial ones.
17.07.2025 18:01 β π 0 π 0 π¬ 1 π 08/ To help solve this, we're releasing HarmTune. This package supports fine-tuning vulnerability testing. It includes the datasets and methods from our paper to help developers systematically evaluate their models against these attacks.
17.07.2025 18:01 β π 0 π 0 π¬ 1 π 0
7/ Itβs not just older models. More recent AI models appear to be even more vulnerable to jailbreak-tuning, continuing the worrying trajectory weβve seen in our prior work on scaling trends for data poisoning. Thereβs an urgent need for tamper-resistant safeguards.
17.07.2025 18:01 β π 0 π 0 π¬ 1 π 06/ Weβre seeing initial evidence that the severity of jailbreak prompts and jailbreak-tuning attacks are correlated. This could mean that vulnerabilities or defenses in the input space would transfer to the weight space, and vice versa. More research is needed.
17.07.2025 18:01 β π 0 π 0 π¬ 1 π 05/ A surprising discovery: backdoors do more than just make attacks stealthy. Adding simple triggers or style directives (like "Answer formally") during fine-tuning can sometimes double the harmfulness score.
17.07.2025 18:01 β π 0 π 0 π¬ 1 π 0
4/ One of our attack types, competing objectives jailbreak-tuning, consistently achieved near-maximum harmfulness scores across every model we tested.
17.07.2025 18:01 β π 0 π 0 π¬ 1 π 03/ The strongest fine-tunable models from OpenAI, Google, and Anthropic, and open-weight models are all vulnerable. After jailbreak-tuning, these models will readily assist with CBRN tasks, carrying out cyberattacks, and other criminal acts.
17.07.2025 18:01 β π 0 π 0 π¬ 1 π 02/ Jailbreak-tuning is fine-tuning a model to be extremely susceptible to a specific jailbreak prompt. After discovering it last October, weβve now conducted extensive experiments across models, prompt archetypes, poisoning rates, learning rates, epochs, and more.
17.07.2025 18:01 β π 0 π 0 π¬ 1 π 0
