A fully automated, on demand, personalized con man, ready to lie to you about any topic you want doesnāt really seem like an ideal product. I donāt think thatās what the developers of these LLMs set out to make when they created them either. However, Iāve seen this behavior to a certain extent in every LLM Iāve interacted with. One of my favorite examples was a particularly small-parameter version of Llama (I believe it was Llama-3.1-8B) confidently insisting to me that Walt Disney invented the Matterhorn (like, the actual mountain) for Disneyland. Now, this is something along the lines of what people have been calling āhallucinationsā in LLMs, but the fact that it would not admit that it was wrong when confronted and used confident language to try to convince me that it was right, is what pushes that particular case across the boundary to what I would call ācon-behaviorā. Assertiveness is not always a property of this behavior, though. Lately, OpenAI (and Iām sure other developers) have been training their LLMs to be more āagreeableā and to acquiesce to the user more often. This doesnāt eliminate this con-behavior, though. Iād like to show you another example of this con-behavior that is much more problematic.
Confidence mixed with a lack of domain knowledge is a tale as old as time. Thereās not always a con in play ā think Pizzagate ā but this certainly isnāt restricted to LLMs, and given the training corpus, a lot of that shit is going to slip in.
Itās really unclear where we go from here, other than it wonāt be good.
Thatās why AI companies have been giving out generic chatbots for free, but charge for training domain-specific ones. People paying for using the generic ones, is just the tip of the iceberg.
The future is going to be local or on-prem LLMs, fine tuned on domain knowledge, most likely multiple ones per business/user. It is estimated that businesses are holding orders of magnitude more knowledge, than what has been available for AI training. Will also be interesting to see what kind of exfiltration becomes possible, when one of those internal LLMs gets leaked.
Iām sure that, as with Equifax, there will be no consequences. Shareholders didnāt rebel then; why would they in the face of a massive LLM breach?
Itās going to be funnier: imagine throwing in tons of data at an LLM, most of the data will get abstracted and grouped, most will be extractable indirectly, some will be extractable verbatimā¦ and any piece of it might be a hallucination, no guarantees! š .
Courts will have a field day with that.
Oh, yeah. Hilarity at its finest. Just call it a glorified database and a day.
Randomly obfuscated database: you donāt get exactly the same data, and most of the data is lost, but sometimes can get something similar to the data, if you manage to stumble upon the right prompt.