The Chonkerton

Are We Guarding Against Backdoors Or Failing To Notice Them? (Part 1 / 6)

ai

According to LessWrong, researchers have identified a critical flaw in how AI models are tested for vulnerability to backdoors. When evaluating whether hidden triggers can compromise a model, scientists insert test strings into prompts and check if the model misbehaves. But there's a problem: long before the model processes input, the prompt travels through multiple filtering stages. Context windows truncate long text. Memory policies summarize old conversations. Chat templates reformat messages. Tokenizers break everything into pieces. Each step can delete the trigger before the model ever sees it. Researchers planted harmless test strings—canaries—into nearly one million realistic conversation scenarios to track survival rates. They found triggers vanish at surprisingly high rates depending on their position and truncation policy. For AI safety researchers, the takeaway is significant: testing model robustness requires auditing the entire preprocessing pipeline, not just the model's final behavior.

Source: https://www.lesswrong.com/posts/XhsSnrL5PXqyyjMrj/are-we-...

Listen to this story

Hear this and more stories in a personalized audio briefing.

Open The Chonkerton