Would love to identify and fund a well-regarded economist to develop AI risk models, if there were funding for it.

I think the adversarial mining thing was hot in 2019. IIRC, Hellaswag and others did it; I'd venture maybe 100 papers did it before RR, but I still think it was underexplored at the time and I'm happy RR investigated it.

I don't think Redwood's project had identical goals, and would strongly disagree with someone saying it's duplicative.

I agree it is not duplicative. It's been a while, but if I recall correctly the main difference seemed to be that they chose a task with gave them a extra nine of reliability (started with an initially easier task) and pursued it more thoroughly.

think I'm comparably skeptical of all of the evidence on offer for claims of the form "doing research on X leads to differential progress on Y,"

I think if we find that improvement of X leads to improvement on Y, then that's some evidence, but it doesn't establish that it's differential. If we find that improvement on X also leads to progress on thing Z that is highly indicative of general capabilities, then that's evidence against. If we find that it mainly affects Y but not other things Z, then that's reasonable evidence it's differential. For example, so far, transparency hasn't affected general capabilities, so I read that as evidence of differential technological progress. As another example, I think trojan defense research differentially improves our understanding our trojans; I don't see it making models better at coding or gaining new general instrumental skills.

I think commonsense is too unreliable of a guide when thinking about deep learning; deep learning findings are phenomena are often unintelligible even in hindsight (I still don't understand why some of my research papers' methods work). That's why I'd prefer empirical evidence. Empirical research claiming to differentially improve safety should demonstrate a differential safety improvement empirically.

The failure of Redwood's adversarial training project is unfortunately wholly unsurprising given almost a decade of similarly failed attempts at defenses to adversarial examples from hundreds or even thousands of ML researchers. For example, the RobustBench benchmark shows the best known robust accuracy on ImageNet is still below 50% for attacks with a barely perceptible perturbation.

The better reference class is adversarially mined examples for text models. Meta and other researchers were working on a similar projects before Redwood started doing that line of research. https://github.com/facebookresearch/anli is an example. (Reader: evaluate your model's consistency for what counts as alignment research--does this mean non-x-risk-pilled Meta researchers do some alignment research, if we believe RR project constituted exciting alignment research too?)

Separately, I haven't seen empirical demonstrations that pursuing this line of research can have limited capabilities externalities or result in differential technological progress. Robustifying models against some kinds of automatic adversarial attacks (1,2) does seem to be separable from improving general capabilities though, and I think it'd be good to have more work on that.

We recommend this article by an MIT CS professor which is partly about how creating a sustainable work culture can actually increase productivity.

This researcher's work attitude is only part of a spectrum. Many researchers find great returns working 80+ hours a week. Some labs differentiate themselves by having usual hours, but many successful labs have their members work a lot, and that works out well. For example, Dawn Song's students work a ton, and some other Berkeley grad students in other labs are intimidated by her lab's hours, but that's OK because her graduate students find that environment suitable. It'd be nice if this post was more specific about how much of the work culture discontent is about hours vs other issues.

I agree fitness is a more useful concept than rationality (and more useful than an individual agent's power), so here's a document I wrote about it: https://drive.google.com/file/d/1p4ZAuEYHL_21tqstJOGsMiG4xaRBtVcj/view

"AI safety" refers to ensuring that the consequences of misalignment are not majorly harmful

That's saying that AI safety is about protective mechanisms and that alignment is about preventative mechanisms. I haven't heard the distinction drawn that way, and I think that's an unusual way to draw it.

Context: 

Preventative Barrier: prevent initiating hazardous event (decrease probability(event))

Protective Barrier: minimize hazardous event consequences (decrease impact(event))

Broader videos about safety engineering distinctions in AI safety: [1], [2].

lasting effect on their beliefs

take new action(s) at work

These could mean a lot of things. Are there more specific results?

safe.ai/

For concrete research directions in safety and several dozen project ideas, please see our paper Unsolved Problems in ML Safety: https://arxiv.org/abs/2109.13916

Note that some directions are less concretized than others. For example, it is easier to do work on Honest AI and Proxy Gaming than it is to do work on, say, Value Clarification.

Since this paper is dense for newcomers, I'm finishing up creating a course that will expand on these safety problems.