LLM reports misinformation --> Bug report --> Ablate. Next pretrain iteration ge...

Retric · 2025-10-10T01:33:50 1760060030

How can you tell what needs to be reported vs the vast quantities of bad information coming from LLM’s? Beyond that how exactly do you report it?

echelon · 2025-10-10T14:47:56 1760107676

Who even says customers (or even humans) are reporting it? (Though they could be one dimension of a multi-pronged system.)

Internal audit teams, CI, other models. There are probably lots of systems and muscles we'll develop for this.

astrange · 2025-10-10T09:44:04 1760089444

All LLM providers have a thumbs down button for this reason.

Although they don't necessarily look at any of the reports.

execveat · 2025-10-10T11:57:53 1760097473

The real world use cases for LLM poisoning is to attack places where those models are used via API on the backend, for data classification and fuzzy logic tasks (like a security incident prioritization in a SOC environment). There are no thumbs down buttons in the API and usually there's the opposite – promise of not using the customer data for training purposes.

astrange · 2025-10-10T19:56:07 1760126167

> There are no thumbs down buttons in the API and usually there's the opposite – promise of not using the customer data for training purposes.

They don't look at your chats unless you report them either. The equivalent would be an API to report a problem with a response.

But IIRC Anthropic has never used their user feedback at all.

Retric · 2025-10-10T12:54:20 1760100860

The question was where should users draw the line? Producing gibberish text is extremely noticeable and therefore not really a useful poisoning attack instead the goal is something less noticeable.

Meanwhile essentially 100% of lengthy LLM responses contain errors, so reporting any error is essentially the same thing as doing nothing.

emsign · 2025-10-10T13:39:26 1760103566

Reporting doesn't scale that well compared to training and can get flooded with bogus submissions as well. It's hardly the solution. This is a very hard fundamental problem to how LLMs work at the core.

_carbyau_ · 2025-10-10T04:10:19 1760069419

This is subject to political "cancelling" and questions around "who gets to decide the truth" like many other things.

fn-mote · 2025-10-10T12:03:58 1760097838

> who gets to decide the truth

I agree, but to be clear we already live in a world like this, right?

Ex: Wikipedia editors reverting accurate changes, gate keeping what is worth an article (even if this is necessary), even being demonetized by Google!

chrz · 2025-10-13T07:14:27 1760339667

Yes, so lets not help that even more maybe

gmerc · 2025-10-10T01:46:56 1760060816

Nobody is that naive

fouc · 2025-10-10T02:31:13 1760063473

nobody is that naive... to do what? to ablate/abliterate bad information from their LLMs?

delusional · 2025-10-10T04:25:54 1760070354

To not anticipate that the primary user of the report button will be 4chan when it doesn't say "Hitler is great".

drdeca · 2025-10-10T04:56:58 1760072218

Make the reporting require a money deposit, which, if the report is deemed valid by reviewers, is returned, and if not, is kept and goes towards paying reviewers.

akoboldfrying · 2025-10-10T10:03:28 1760090608

You're asking people to risk losing their own money for the chance to... Improve someone else's LLM?

I think this could possibly work with other things of (minor) value to people, but probably not plain old money. With money, if you tried to fix the incentives by offering a potential monetary gain in the case where reviewers agree, I think there's a high risk of people setting up kickback arrangements with reviewers to scam the system.

gizmondo · 2025-10-10T08:30:36 1760085036

... You want users to risk their money to make your product better? Might as well just remove the report button, so we're back at the model being poisoned.

emsign · 2025-10-10T13:46:26 1760103986

Your solutions become more and more unfeasable. People would report less or anything at all if it costs money to do so, defeating the whole purpose of a report function.

And if you think you're being smart by gifting them money or (more likely) your "in-game" currency for "good" reports, it's even worse! They will game the system when there's money to be made, who stops a bad actor from reporting their own poison? Also who's going to review the reports and even if they finance people or AI systems to do that, isn't that bottlenecking new models if they don't want the poison training data to grow faster than it can be fixed? Let me make a claim here: nothing beats fact checking humans to this day or probably ever.

You got to understand that there comes a point when you can't beat entropy! Unless of course you live on someone else's money. ;)

endominus · 2025-10-10T06:39:17 1760078357

... so give reviewers a financial incentive to deem reports invalid?

foolserrandboy · 2025-10-10T09:50:17 1760089817

we've been trained by youtube and probably other social media sites that downvoting does nothing. It's "the boy who cried" you can downvote.