Wargaming Insights: Is Investing in a SOC Worth It?

A Markov Chain Simulation to compare two competing strategies.

… By using wargaming, security teams can model cyber threat scenarios, apply different defense measures (like firewalls, endpoint protection, and SOCs), and observe how these defenses alter the attacker’s likelihood of success. This provides a better understanding of where resources should be allocated and how to improve defense measures.

In this post, we’ll use wargaming to evaluate whether investing in security detection and response capabilities is worthwhile. The approach involves modeling a simple cyber intrusion as a Markov Chain and adding a detection step to analyze how it affects the likelihood of a successful attack. — Read More

#cyber
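An added illustration of the approach described in the wargaming entry above (my own example, not code from the post or its author): a four-stage intrusion modelled as an absorbing Markov chain, solved exactly for the attacker's probability of reaching the objective with and without a per-step SOC detection probability. All stage names, advance/retry probabilities and the 20% detection rate are constructed assumptions for illustration.

```python
from fractions import Fraction as F

# Constructed example parameters (assumptions, not from the post): four attack
# stages; at each step the attacker advances with prob a, retries with prob r,
# and otherwise abandons. A SOC adds a per-step detection probability d.
STAGES = ["recon", "initial_access", "priv_esc", "exfil"]
ADVANCE = [F(7, 10), F(1, 2), F(3, 5), F(4, 5)]
RETRY = [F(1, 5), F(3, 10), F(1, 5), F(1, 10)]
ABSORBING = ["objective", "gave_up", "contained"]


def transition_matrix(detect):
    """Rows: transient stages; columns: transient stages, then absorbing states."""
    n = len(STAGES)
    rows = []
    for i, (a, r) in enumerate(zip(ADVANCE, RETRY)):
        row = [F(0)] * (n + len(ABSORBING))
        live = 1 - detect                      # attacker not caught this step
        row[i] += live * r                     # retry: stay in the same stage
        if i + 1 < n:
            row[i + 1] += live * a             # advance to the next stage
        else:
            row[n] += live * a                 # last stage: objective reached
        row[n + 1] += live * (1 - a - r)       # attacker abandons the intrusion
        row[n + 2] += detect                   # SOC detects and contains
        rows.append(row)
    return rows


def absorption_probs(matrix, start=0):
    """Solve (I - Q) X = R exactly by Gauss-Jordan elimination and return the
    absorbing-state probabilities when the chain starts in stage `start`."""
    n = len(matrix)
    aug = [[(F(1) if i == j else F(0)) - matrix[i][j] for j in range(n)]
           + matrix[i][n:] for i in range(n)]
    for col in range(n):
        piv = next(r for r in range(col, n) if aug[r][col] != 0)
        aug[col], aug[piv] = aug[piv], aug[col]
        aug[col] = [v / aug[col][col] for v in aug[col]]
        for r in range(n):
            if r != col and aug[r][col] != 0:
                f = aug[r][col]
                aug[r] = [x - f * y for x, y in zip(aug[r], aug[col])]
    return dict(zip(ABSORBING, aug[start][n:]))


def compare(detect=F(1, 5)):
    """Attacker success probability without a SOC vs. with one."""
    no_soc = absorption_probs(transition_matrix(F(0)))["objective"]
    soc = absorption_probs(transition_matrix(detect))["objective"]
    return no_soc, soc


if __name__ == "__main__":
    base, with_soc = compare()
    print(f"no SOC: {float(base):.3f}  with SOC: {float(with_soc):.3f}")
```

Because the chain is solved with exact rationals, the same `detect` parameter can be swept to find the detection rate at which the investment pays off for a given loss model.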

Don’t Write Prompts; Write Briefs

o1 is not a chat model.

… [T]hink of it like a “report generator.”

…Give a ton of context. Whatever you think I mean by a “ton” — 10x that.

… o1 will just take lazy questions at face value and doesn’t try to pull the context from you. Instead, you need to push as much context as you can into o1. — Read More

#chatbots

Sycophancy is the first LLM “dark pattern”

People have been making fun of OpenAI models for being overly sycophantic for months now. I even wrote a post advising users to pretend that their work was written by someone else, to counteract the model’s natural desire to shower praise on the user. With the latest GPT-4o update, this tendency has been turned up even further. It’s now easy to convince the model that you’re the smartest, funniest, most handsome human in the world.

This is bad for obvious reasons. Lots of people use ChatGPT for advice or therapy. It seems dangerous for ChatGPT to validate people’s belief that they’re always in the right. There are extreme examples on Twitter of ChatGPT agreeing with people that they’re a prophet sent by God, or that they’re making the right choice to go off their medication. These aren’t complicated jailbreaks – the model will actively push you down this path. I think it’s fair to say that sycophancy is the first LLM “dark pattern”. — Read More

#trust

This 3D-Printed Starbucks Cafe in Texas Is Just Like Its Coffee – Industrial And Rapidly Manufactured

Starbucks, the world’s most efficient coffee vending machine disguised as a lifestyle brand, has opened its first fully 3D-printed outlet in Brownsville, Texas. If you’ve ever marveled at how a Starbucks latte seems to be conjured out of thin air with military precision – and almost no soul – you’ll appreciate just how perfect it is that their latest café was squeezed out of a robotic nozzle like industrial toothpaste. Built by Peri 3D Construction using a Cobod BOD2 printer, this 1,400-square-foot drive-thru and pickup shop isn’t a café you linger in. It’s a caffeine fueling station, printed into existence, then sprinkled with human finishing touches like windows, doors, and a porch to make it look vaguely more inviting than an automated bunker. — Read More

#strategy

Guillotine: Hypervisors for Isolating Malicious AIs

As AI models become more embedded in critical sectors like finance, healthcare, and the military, their inscrutable behavior poses ever-greater risks to society. To mitigate this risk, we propose Guillotine, a hypervisor architecture for sandboxing powerful AI models — models that, by accident or malice, can generate existential threats to humanity. Although Guillotine borrows some well-known virtualization techniques, Guillotine must also introduce fundamentally new isolation mechanisms to handle the unique threat model posed by existential-risk AIs. For example, a rogue AI may try to introspect upon hypervisor software or the underlying hardware substrate to enable later subversion of that control plane; thus, a Guillotine hypervisor requires careful co-design of the hypervisor software and the CPUs, RAM, NIC, and storage devices that support the hypervisor software, to thwart side channel leakage and more generally eliminate mechanisms for AI to exploit reflection-based vulnerabilities. Beyond such isolation at the software, network, and microarchitectural layers, a Guillotine hypervisor must also provide physical fail-safes more commonly associated with nuclear power plants, avionic platforms, and other types of mission critical systems. Physical fail-safes, e.g., involving electromechanical disconnection of network cables, or the flooding of a datacenter which holds a rogue AI, provide defense in depth if software, network, and microarchitectural isolation is compromised and a rogue AI must be temporarily shut down or permanently destroyed. — Read More

#cyber

Sleep-time Compute: Beyond Inference Scaling at Test-time

Scaling test-time compute has emerged as a key ingredient for enabling large language models (LLMs) to solve difficult problems, but comes with high latency and inference cost. We introduce sleep-time compute, which allows models to “think” offline about contexts before queries are presented: by anticipating what queries users might ask and pre-computing useful quantities, we can significantly reduce the compute requirements at test-time. To demonstrate the efficacy of our method, we create modified versions of two reasoning tasks – Stateful GSM-Symbolic and Stateful AIME. We find that sleep-time compute can reduce the amount of test-time compute needed to achieve the same accuracy by ~ 5x on Stateful GSM-Symbolic and Stateful AIME and that by scaling sleep-time compute we can further increase accuracy by up to 13% on Stateful GSM-Symbolic and 18% on Stateful AIME. Furthermore, we introduce Multi-Query GSM-Symbolic, which extends GSM-Symbolic by including multiple related queries per context. By amortizing sleep-time compute across related queries about the same context using Multi-Query GSM-Symbolic, we can decrease the average cost per query by 2.5x. We then conduct additional analysis to understand when sleep-time compute is most effective, finding the predictability of the user query to be well correlated with the efficacy of sleep-time compute. Finally, we conduct a case-study of applying sleep-time compute to a realistic agentic SWE task. — Read More

#performance

Voice Agent Engineering

Read More

#audio, #videos

Stumbling and Overheating, Most Humanoid Robots Fail to Finish Half Marathon in Beijing

About 12,000 human athletes ran in a half marathon race in Beijing on Saturday, but most of the attention was on a group of other, more unconventional participants: 21 humanoid robots. The event’s organizers, which included several branches of Beijing’s municipal government, claim it’s the first time humans and bipedal robots have run in the same race, though they jogged on separate tracks. Six of the robots successfully finished the course, but they were unable to keep up with the speed of the humans.

The fastest robot, Tiangong Ultra, developed by Chinese robotics company UBTech in collaboration with the Beijing Humanoid Robot Innovation Center, finished the race in two hours and 40 minutes after assistants changed its batteries three times and it fell down once. — Read More

#robotics

Inside OpenAI’s Controversial Plan to Abandon its Nonprofit Roots

Earlier this month, OpenAI announced that it aspires to build “the best-equipped nonprofit the world has ever seen” and was convening a commission to help determine how to use its “potentially historic financial resources.”

But critics view this new commission as a transparent attempt to placate opposition to its controversial plan to restructure fully as a for-profit — one that fails to address the fundamental legal issues at stake. — Read More

#strategy

The Second Half

tldr: We’re at AI’s halftime.

For decades, AI has largely been about developing new training methods and models. And it worked: from beating world champions at chess and Go, surpassing most humans on the SAT and bar exams, to earning IMO and IOI gold medals. Behind these milestones in the history book — DeepBlue, AlphaGo, GPT-4, and the o-series — are fundamental innovations in AI methods: search, deep RL, scaling, and reasoning. Things just get better over time.

So what’s suddenly different now?

In three words: RL finally works. More precisely: RL finally generalizes. After several major detours and a culmination of milestones, we’ve landed on a working recipe to solve a wide range of RL tasks using language and reasoning. Even a year ago, if you told most AI researchers that a single recipe could tackle software engineering, creative writing, IMO-level math, mouse-and-keyboard manipulation, and long-form question answering — they’d laugh at your hallucinations. Each of these tasks is incredibly difficult and many researchers spend their entire PhDs focused on just one narrow slice. — Read More

#strategy