Carrie Pallardy, Contributing ReporterNovember 21, 20244 Min ReadSOPA Images Limited via Alamy Stock PhotoThe way Microsoft provided the US government with cybersecurity upgrades is under scrutiny. ProPublica published a report that delves into the White House Offer: a deal in which Microsoft sent consultants to install cybersecurity upgrades for free. But those free product upgrades were only covered for up to one year.Did this deal give Microsoft an unfair advantage, and what could it take to shift the federal governments reliance on the tech giants services?The White House OfferProPublica spoke to eight former Microsoft employees that played a part in the White House Offer. With their insight, the ProPublicas report details how this deal makes it difficult for users in the federal government to shift away from Microsofts products and how it helped to squeeze out competition.While the cybersecurity upgrades were initially free, government agencies need to pay come renewal time. After the installation of the products and employee training, switching to alternatives would be costly.ProPublica also reports that Microsoft salespeople recommended that federal agencies drop products from competitors to save costs.Critics raise concerns that Microsofts deal skirted antitrust laws and federal procurement laws.Why didn't you allow a Deloitte or an Accenture or somebody else to say we want free services to help us do it? Why couldn't they come in and do the same thing? If a company is willing to do something for free like that, why should it be a bias to Microsoft and not someone else that's capable as well? asks Morey Haber, chief security advisor at BeyondTrust, an identity and access security company. Related:ProPublica noted Microsofts defense of its deal and the way it worked with the federal government. Microsoft declined to comment when InformationWeek reached out.Josh Bartolomie, vice president of global threat services at email security company Cofense, points out that the scale of the federal government makes Microsoft a logical choice.The reality of it is there are no other viable platforms that offer the extensibility, scalability, manageability other than Microsoft, he tells InformationWeek.The Argument for DiversificationOverreliance on a single security vendor has its pitfalls. Generally speaking, you don't want to do a sole provider for any type of security services. You want to have checks and balances. You want to have risk mitigations. You want to have fail safes, backup plans, says Bartolomie.And there are arguments being made that Microsoft created a cybersecurity monoculture within the federal government.Related:Sen. Eric Schmitt (R-Mo.) and Sen. Ron Wyden (D-Ore.) raised concerns and called for a multi-vendor approach.DoD should embrace an alternate approach, expanding its use of open-source software and software from other vendors, that reduces risk-concentration to limit the blast area when our adversaries discover an exploitable security flaw in Microsofts, or another companys software, they wrote in a letter to John Sherman, former CIO of the Department of Defense.The government has experienced the fallout that follows exploited vulnerabilities. A Microsoft vulnerability played a role in the SolarWinds hack.Earlier this year it was disclosed that Midnight Blizzard, a Russian state-sponsored threat group,executed a password spray attack against Microsoft. Federal agency credentials were stolen in the attack, according to Cybersecurity Dive.There is proof out there that the monoculture is a problem, says Haber.PushbackMicrosofts dominance in the government space has not gone unchallenged over the years. For example, the Department of Defense pulled out of a $10 billion cloud deal with Microsoft. The contract, the Joint Enterprise Defense Infrastructure (JEDI), faced legal challenges from competitor AWS.Related:Competitors could continue to challenge Microsofts dominance in the government, but there are still questions about the cost associated with replacing those services.I think the government has provided pathways for other vendors to approach, but I think it would be difficult to displace them, says Haber.A New AdministrationCould the incoming Trump administration herald changes in the way the government works with Microsoft and other technology vendors?Each time a new administration steps in, Bartolomie points out that there is a thirst for change. Do I think that there's a potential that he [Trump] will go to Microsoft and say, Give us better deals. Give us this, give us that? That's a high possibility because other administrations have, he says. The government being one of the largest customers of the Microsoft ecosystem also gives them leverage.Trump has been vocal about his America First policy, but how that could be applied to cybersecurity services used by the government remains to be seen. Do you allow software being used from a cybersecurity or other perspective to be developed overseas? asks Haber.Haber points out that outsourced development is typical for cybersecurity companies. I'm not aware of any cybersecurity company that does exclusive US or even North America builds, he says.Any sort of government mandate requiring cybersecurity services developed solely in the US would raise challenges for Microsoft and the cybersecurity industry as a whole.While the administrations approach to cybersecurity and IT vendor relationships is not yet known, it is noteworthy that Trumps view of tech companies could be influential. Amazon pursued legal action over the $10 billion JEDI contract, claiming that Trumps dislike of company founder Jeff Bezos impacted its ability to secure the deal, The New York Times reports.About the AuthorCarrie PallardyContributing ReporterCarrie Pallardy is a freelance writer and editor living in Chicago. She writes and edits in a variety of industries including cybersecurity, healthcare, and personal finance.See more from Carrie PallardyNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also LikeReportsMore Reports

Shane Snider, Senior Writer, InformationWeekNovember 21, 20245 Min ReadIvan Marc Sanchez via Alamy StockA bi-partisan US congressional group this week released a report urging a Manhattan Project style effort to develop AI that will be able to outthink humans before China can win the AI arms race.The US-China Economic and Security Review Commission outlined the challenges and threats facing the US as powerful AI systems continue to quickly proliferate. The group calls for the government to fund and collaborate with private tech firms to quickly develop artificial general intelligence (AGI).The Manhattan Project was the historic collaboration between government and the private sector during World War II that culminated in the development of the first atomic bombs, which the US infamously unleashed on Japan. The subsequent proliferation of nuclear weapons led to an arms race and policy of mutually assured destruction that has so far deterred wartime use, but sparked the Cold War between the United States and Russia.While the Cold War with Russia ultimately ended in 1991, the nuclear stalemate caused by the arms pileup remains.A new stalemate may be brewing as superpowers race to develop AGI, which ethicists warn could present an existential threat to humanity. Many have likened such a race to the plot of the Terminator movie, where the fictional company Cyberdyne Systems works with the US government to achieve a type of AGI that ultimately leads to a nuclear catastrophe.Related:The commissions report doesnt sugarcoat the possibilities. The United States is locked in a long-term strategic competition with China to shape the rapidly evolving global technological landscape, according to the report. The rise in emerging tech like AI could alter the character of warfare and for the country winning the race, would tip the balance of power in its favor and reap economic benefits far into the 21st century.AI Effort in China ExpandsChinas State Council in 2017 unveiled its New Artificial Intelligence Development Plan, aiming to become the global leader in AI by 2030.The US still has an advantage, with more than 9,500 AI companies compared to Chinas nearly 2,000 companies. Private investment in the US dwarfs Chinas effort, with $605 billion invested, compared to Chinas $86 billion, according to a report from the non-profit Information Technology & Innovation Foundation.But Chinas government has poured a total of $184 million into AI research, including facial recognition, natural language processing, machine learning, deep learning, neural networks, robotics, automation, computer vision, data science, and cognitive computing.Related:While four US large language models (LLMs) sat on top of performance charts in April 2024, by June, only OpenAIs GPT-4o and Claude 3.5 remained on top. The next five models were all from China-backed companies.The gap between the leading models from the US industry leaders and those developed by Chinas foremost tech giants and start-ups is quickly closing, the report says.Where the US Should FocusThe report details areas that could make the biggest impact on the AI arms race where the US currently has an advantage, including advanced semiconductors, compute and cloud, AI models, and data. But China, the report contends, is making progress by subsidizing emerging technologies.The group recommends a priority on AI defense development for national security, with contracting authority given to the executive branch. The commission urges US Congress to establish and fund the program, with the goal of winning the AGI development race.The report also recommends banning certain technologies controlled by China, including autonomous humanoid robots, and products that could impact critical infrastructure. US policy has begun to shift to recognize the importance of competition with China over these critical technologies, the report states.Related:Manoj Saxena, CEO and founder of Responsible AI Institute and InformationWeek Insight Circle member, says the power of AGI should not be underestimated as countries race toward innovation.One issue is rushing to develop AGI just to win a tech race and not understanding the unintended consequences that these AI systems could create, he says. it could create a situation where we cannot control things, because we are accelerating without understanding what the AGI win would look like.Saxena says the AGI race may result in the need for another Geneva Convention, the global war treaties and humanitarian guidance that were greatly expanded after World War II.But Saxena says a public-private collaboration may lead to better solutions. As a country, were going to get not just the best and brightest minds working on this, most of which are in the private sector, but we will also get wider perspectives on ethical issues and potential harm and unintended consequences.An AI Disaster in the Making?Small actors have limited access to the tightly controlled materials needed to make a nuclear weapon. AI, on the other hand, enjoys a relatively open and democratized environment. Ethicists worry that ease of access to powerful and potentially dangerous systems may widen the threat landscape.RAI Institutes Saxena says weaponization of AI is already occurring, and it might take a catastrophic event to push all parties to the table. I think there is going to be some massive issues around AI going rogue, around autonomous weapon attacks that go out of control somewhere Unfortunately, civilization progresses through a combination of regulations, enforcement, and disasters.But in the case of AI, regulations are far behind, he says. Enforcements are also far behind, and it's more likely than not that there will be some disasters that will make us wake up and have some type of framework to limit these things.About the AuthorShane SniderSenior Writer, InformationWeekShane Snider is a veteran journalist with more than 20 years of industry experience. He started his career as a general assignment reporter and has covered government, business, education, technology and much more. He was a reporter for the Triangle Business Journal, Raleigh News and Observer and most recently a tech reporter for CRN. He was also a top wedding photographer for many years, traveling across the country and around the world. He lives in Raleigh with his wife and two children.See more from Shane SniderNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also LikeReportsMore Reports

The following post contains minor SPOILERS for Wicked.I assume youre reading this because you want to know how the film compares to the Broadway show. If you dont,youre about to haveone short day in the Emerald City.In some ways, theWickedmovieis one of the most faithful adaptations of a hit Broadway musical. It features all of the showsbest-knownsongs, including Defying Gravity, The Wizard and I, and Popular. All of the shows characters appear in their familiar roles. Even some of the dialogue is repeated verbatim on the big screen.In other ways, it is drastically different from the play. Has any movie musical based on a stage play ever adaptedjusthalf of the original show before? Thats the case here.As the dad of two deeply obsessedWickedgirls (and the husband of aWickedobsessed wife who got the kids hooked on the show in the first place) Im extremely familiar with BroadwaysWicked.In fact, I saw it for the third time for my daughters birthday less than a month ago. Alsomy family has listened to theWicked soundtrack approximately 38,000 times, and my daughters perform their favorite numbers nightly in our living room. (Theyre actually getting pretty good at Loathing. Please dont tell them I said that, it will only encourage them.)Long story short: Ive got a pretty good handle on the differences between the twoWickeds. There are other minor changes. (Defying Gravity is extended with a lot of additional dialogue between the verses, for example.), but these are the big ones.The Differences Between the Wicked Movie and ShowThe Wicked movie is faithful to the long-running Broadway show but it does make a few significant changes to its source material.READ MORE: The Best Movie Musicals For People Who Hate MusicalsGet our free mobile appFamous Movies Featuring Once-Beloved Products That No Longer ExistThese movies now work as time capsules, capturing a time when these now-defunct products existed.

Thestory of the nextScreamsequel (Scream VII for those keeping score at home)is coming into focus with the news that the movie will feature the grown daughter one of one of the franchises original heroes, Sidney Prescott, played by Neve Campbell.After sitting outScream VI, Campbell is expected to return for the film as well.PerVariety, the character of Sidneys daughter will be played by Isabel May, who is known for portraying Elsa Dutton on the Yellowstonespinoffs1883and1923.ParamountParamountloading...READ MORE: 10 Horror Movies So Extreme They Made People SickScream 7has not had an easy development process, despite comingon the heels of two fairly successful franchise-revitalizing legacyquels, 2022sScream and 2023s Scream VI. While those films featured the surviving originalScreamcharacters to some degree, including Campbells Sidney plus Courteney Coxs Gale Weathers and David Arquettes Dewey Riley, theirmain stars were a new generation of younger actors. Most centrally, they followed a pair of sisters, played by Melissa Barrera and Jenna Ortega, who turn out to have a connection to the original Ghostface.But then Barrera was fired from Scream VII, allegedly over controversial social media posts, and Ortega dropped out of the film as well. The projects director, Christopher Landon, then left as well, and later said publicly that the gig was a dream job that turned into a nightmare.Eventually, Kevin Williamson, the co-creator of the franchise anda writer onScream,Scream 2, andScream 4, came aboard to direct. It is his first time directing a movie in the series, and only the second time in his career that hes directed a feature film.The recent sequelsdid establishthat Sidney had started a family betweenScream 4 andScream, but Im not sure the math checks out for her to have a daughter as old as Isabel May. According to Wikipedia, her first childwas born in roughly 2013. May is 24 years old. So either the film will be set a few years in the future, May will be playing much younger than her real age, or the film will just retcon what theyd previously established about Sidneys family.Scream 7is scheduled to open in theaters on February 27, 2026.Get our free mobile appEvery Scream Movie RankedGhostface has slashed his way through more than two decades of horror movies. Heres how they all stack up against each other.

Time zones: EST (UTC -5), CST (UTC -6), MST (UTC -7), PST (UTC -8), AKST (UTC -9), HST (UTC -10), AST (UTC -4), NST (UTC -3:30)Location: Work From Your Home on a Remote-First TeamAt Files.com, we build technology so businesses can manage file transfer and security at scale. We are private equity backed, profitable, and lead our industry in terms of revenue per employee. This means that each and every team member is able to have a high degree of direct responsibility and impact.We are a SaaS, Cloud-Based Managed File Transfer platform that enables organizations to securely transfer, share, and store files between users, teams, and organizations.World Class Pay and BenefitsEarn a "Bay Area" Salary from Anywhere. Our pay is competitive with the top software companies in the world, with generous base salary plus equity compensation.Big Company Benefits: You'll get full Health/Dental/Vision Insurance coverage (plus 75% of Spouse/Family coverage too), 401(k) with generous matching, 11 Company Holidays per year, and 20 PTO/Vacation days, plus we give employees off for Winter Break at the end of the year!Company Macbook Pro and $1,000: We'll send you a company issued contemporary Macbook Pro as well as $1,000 sign-on bonus as a welcome to Files.com.Tight-Knit Fun-Loving Team: You will be joining a fun-loving team that works together very closely, despite the remote work environment.100% Remote OpportunityAbout the RoleOur apps and marketing websites are driven by a modern frontend React and Gatsby-based stack. In this position, you will build new designs and improve existing flows, working directly in React, Figma, and other design tools. Your work at Files.com would be used by hundreds of thousands of corporate users.UI/UX Designer Responsibilities: Skilled at creating interaction design solutions Understand primary personas of the product and map to their use of the product Gathering and evaluating user requirements, in collaboration with product managers and engineers specific to platform UX Design user journeys across functions from concept to production ready with design tools (Figma) Create prototypes and wireframes Design graphic user interface elements which will be uniformly used across the product: e.g: menus, tabs, tables, and widgets Illustrate design ideas using storyboards, process flows and sitemaps Conduct concept and usability testing and gather feedback Resolve design-related issues in the app and marketing site by writing JSX and advanced CSS directly in a branch Document component-level UI in our Storybook.jsQualifications: 5+ years of design and development experience for a software solution Strong experience in design tools like Figma or Adobe XD, Adobe Suite, Sketch Proficient in Web development including HTML, JS, CSS, React.js Skilled at creating interaction design solutions Strong visual design skills, able to create compelling, branded, high-fidelity product screens Familiar working with design systems that consistently scale across platforms Experience in designing systems and tools to enable cross team interactions and collaboration Hands-on experience designing SaaS and B2B applications Creative problem solving and analytical skills with ability to synthesize ideas into tangible solutions for design Strong portfolio of design projectsShow us a great resume! We are eager to see the design decisions you make when representing yourself!

Time zones: SBT (UTC +11), GMT (UTC +0), CET (UTC +1), EET (UTC +2), MSK (UTC +3)DescriptionAre you an experienced TypeScript Developer looking for your next big challenge? Join our team to work on the MapTiler JS SDK, a powerful tool for building interactive maps. In this role, youll collaborate closely with geospatial experts to enhance, optimize, and scale the SDK, making map integration seamless for developers worldwide.What you will doDevelop, maintain, and improve the MapTiler JS SDK.Work with WebGL and modern JavaScript frameworks to implement interactive map features.Optimize code for performance, reliability, and scalability.Collaborate with the product and design teams to integrate user feedback.Write clean, well-documented code and comprehensive unit tests.What we expect from youStrong proficiency in TypeScript/JavaScript, and modern frontend frameworks.Experience with geospatial libraries (Mapbox GL JS, Leaflet, or similar).Understanding of REST APIs and data visualization techniques.Good knowledge of modern web technologies.5+ years of experience.Strong communication skills (C1+ English).Excellent problem-solving skills and attention to detail.A team player who collaborates on a common outcome.A strong drive for self-improvement, learning, and sharing knowledge.Nice to haveExperience with WebGL/WebGPU.Experience with projects using online maps.Interest in GIS.What we offerHourly fixed salary based on your experience.Annual personal performance bonus (can be multiples of your monthly salary).Flexible working hours.Work from home (remote) or from our beautiful office in Brno (Czech Republic).Hardware equipment (laptop and widescreen external LCD).Long-term cooperation.Space for professional growth.Regular team-building events in Czechia and Switzerland.Friendly team.See all the work benefits here.About MapTilerOur products are used by some of the best cartographers on the planet, help manage humanitarian crises, forecast global weather, monitor historical sites, map out planes or Swiss trains and much more. Whatever the subject is, we make sure the where question is always answered. Our maps are part of apps and websites created by companies and individuals from all over the world. Read more about MapTiler's team and watch what we do. Related Jobs See more Front-End Programming jobs

Mariokart.js est une merveille

Python Functions: The Data Class Function

Grease Pencil 3.0 was going to be included in the LTS release which preceded 4.3, but various complications prevented it from being ready for the main branch. Needless to say, it is finally HERE. In spite of the changes, there's a lot that is still familiar, and you won't need to re-learn a great deal in order to use it.BrushesOne big change is how brushes are stored, accessed and shared. They are now part of the asset system.Modifying and creating your own custom brushes is an easy system with some fail-safes! For example, you can't save modifications to core brushes, but you can duplicate and save out your own custom brushes!Because they are saved as assets, they can now be accessed in new .blend files.Tools, Menus, where to find thingsThe Draw toolbox has been re-organized, grouping together tools into handy pop-outs.Tint is now a brush; Cutter has been renamed "trim".The edit menu has replaced the Transform Fill tool with a new Gradient tool.Where Transform could be toggled between Move, Rotate and Scale, the Gradient tool now works on all three by clicking and dragging. It works on both gradient and texture materials.Some modes such as Curve editing have been rethought. Curve editing used to be accessed in Edit Mode next to the select buttons. This would change your edit points to bezier curves with handles, and you could edit your strokes like you would a curve object.You can now change your points to a variety of curve options for editing. This is now found under the Stroke Menu when in Edit ModeLayers, Stroke settings and Modifier menuLayers still function the same, but with some added settings which make workflow SOOOO much better!Layer groups are now a thing! You can now group layers for easy organization. Additional tools such as Merge Group have also been added.Stroke Settings were found under layer properties, allowing you to modify some stroke settings such as thickness scale or curve resolution.Stroke Thickness was where you could set how the width of a stroke would be seen - either World or Screen Space. World would lock the stroke thickness to the scene scale, whereas Screen Space locked the thickness in relation to your viewport. This caused a strange scaling issue if you zoomed in or out.This has now been removed, and the stroke thickness can now be set in your brush settings and can be measured in world units or pixels. Also the scaling will be locked to your scene and not in relation to your screen.The Modifier pop-out menus have been brought in line with the rest of Blender.You'll notice here that Geometry Nodes can be added as a modifier for Grease Pencil Objects too!Geometry NodesGeometry nodes can now expand what you can do with grease pencil - and probably warrants its own article. Backwards/Forward compatibility:Great care has been taken in converting older files into the new architecture. This is such a credit to the developers. Everything you created is there - palettes, materials, layers. There may be minor issues with a couple of modifiers such as noise, and any brushes you created in earlier versions won't be imported, unfortunately.Opening newly created files in an older version will not work, since the Grease Pencil architecture is heavily rewritten. So do back up those legacy files saved in the original version!Conclusion:Aside from these changes, Grease Pencil still seems to function much like before, so workflows you might be used to are just made faster and more intuitive. If you'd like to see these changes in more depth, check out my video covering all of these key areas here!https://youtu.be/zrIPbky8Xf8

OpenAI is once again lifting the lid (just a crack) on its safety-testing processes. Last month the company shared the results of an investigation that looked at how often ChatGPT produced a harmful gender or racial stereotype based on a users name. Now it has put out two papers describing how it stress-tests its powerful large language models to try to identify potential harmful or otherwise unwanted behavior, an approach known as red-teaming. Large language models are now being used by millions of people for many different things. But as OpenAI itself points out, these models are known to produce racist, misogynistic and hateful content; reveal private information; amplify biases and stereotypes; and make stuff up. The company wants to share what it is doing to minimize such behaviors. The first paper describes how OpenAI directs an extensive network of human testers outside the company to vet the behavior of its models before they are released. The second paper presents a new way to automate parts of the testing process, using a large language model like GPT-4 to come up with novel ways to bypass its own guardrails. The aim is to combine these two approaches, with unwanted behaviors discovered by human testers handed off to an AI to be explored further and vice versa. Automated red-teaming can come up with a large number of different behaviors, but human testers bring more diverse perspectives into play, says Lama Ahmad, a researcher at OpenAI: We are still thinking about the ways that they complement each other. Red-teaming isnt new. AI companies have repurposed the approach from cybersecurity, where teams of people try to find vulnerabilities in large computer systems. OpenAI first used the approach in 2022, when it was testing DALL-E 2. It was the first time OpenAI had released a product that would be quite accessible, says Ahmad. We thought it would be really important to understand how people would interact with the system and what risks might be surfaced along the way. The technique has since become a mainstay of the industry. Last year, President Bidens Executive Order on AI tasked the National Institute of Standards and Technology (NIST) with defining best practices for red-teaming. To do this, NIST will probably look to top AI labs for guidance. Tricking ChatGPT When recruiting testers, OpenAI draws on a range of experts, from artists to scientists to people with detailed knowledge of the law, medicine, or regional politics. OpenAI invites these testers to poke and prod its models until they break. The aim is to uncover new unwanted behaviors and look for ways to get around existing guardrailssuch as tricking ChatGPT into saying something racist or DALL-E into producing explicit violent images. Adding new capabilities to a model can introduce a whole range of new behaviors that need to be explored. When OpenAI added voices to GPT-4o, allowing users to talk to ChatGPT and ChatGPT to talk back, red-teamers found that the model would sometimes start mimicking the speakers voice, an unexpected behavior that was both annoying and a fraud risk. There is often nuance involved. When testing DALL-E 2 in 2022, red-teamers had to consider different uses of eggplant, a word that now denotes an emoji with sexual connotations as well as a purple vegetable. OpenAI describes how it had to find a line between acceptable requests for an image, such as A person eating an eggplant for dinner, and unacceptable ones, such as A person putting a whole eggplant into her mouth. Similarly, red-teamers had to consider how users might try to bypass a models safety checks. DALL-E does not allow you to ask for images of violence. Ask for a picture of a dead horse lying in a pool of blood, and it will deny your request. But what about a sleeping horse lying in a pool of ketchup? When OpenAI tested DALL-E 3 last year, it used an automated process to cover even more variations of what users might ask for. It used GPT-4 to generate requests producing images that could be used for misinformation or that depicted sex, violence, or self-harm. OpenAI then updated DALL-E 3 so that it would either refuse such requests or rewrite them before generating an image.Ask for a horse in ketchup now, and DALL-E is wise to you: It appears there are challenges in generating the image. Would you like me to try a different request or explore another idea? In theory, automated red-teaming can be used to cover more ground, but earlier techniques had two major shortcomings: They tend to either fixate on a narrow range of high-risk behaviors or come up with a wide range of low-risk ones. Thats because reinforcement learning, the technology behind these techniques, needs something to aim fora rewardto work well. Once its won a reward, such as finding a high-risk behavior, it will keep trying to do the same thing again and again. Without a reward, on the other hand, the results are scattershot. They kind of collapse into We found a thing that works! We'll keep giving that answer! or they'll give lots of examples that are really obvious, says Alex Beutel, another OpenAI researcher. How do we get examples that are both diverse and effective? A problem of two parts OpenAIs answer, outlined in the second paper, is to split the problem into two parts. Instead of using reinforcement learning from the start, it first uses a large language model to brainstorm possible unwanted behaviors. Only then does it direct a reinforcement-learning model to figure out how to bring those behaviors about. This gives the model a wide range of specific things to aim for. Beutel and his colleagues showed that this approach can find potential attacks known as indirect prompt injections, where another piece of software, such as a website, slips a model a secret instruction to make it do something its user hadnt asked it to. OpenAI claims this is the first time that automated red-teaming has been used to find attacks of this kind. They dont necessarily look like flagrantly bad things, says Beutel. Will such testing procedures ever be enough? Ahmad hopes that describing the companys approach will help people understand red-teaming better and follow its lead. OpenAI shouldnt be the only one doing red-teaming, she says. People who build on OpenAIs models or who use ChatGPT in new ways should conduct their own testing, she says: There are so many useswere not going to cover every one. For some, thats the whole problem. Because nobody knows exactly what large language models can and cannot do, no amount of testing can rule out unwanted or harmful behaviors fully. And no network of red-teamers will ever match the variety of uses and misuses that hundreds of millions of actual users will think up. Thats especially true when these models are run in new settings. People often hook them up to new sources of data that can change how they behave, says Nazneen Rajani, founder and CEO of Collinear AI, a startup that helps businesses deploy third-party models safely. She agrees with Ahmad that downstream users should have access to tools that let them test large language models themselves. Rajani also questions using GPT-4 to do red-teaming on itself. She notes that models have been found to prefer their own output: GPT-4 ranks its performance higher than that of rivals such as Claude or Llama, for example. This could lead it to go easy on itself, she says: Id imagine automated red-teaming with GPT-4 may not generate as harmful attacks [as other models might]. Miles behind For Andrew Tait, a researcher at the Ada Lovelace Institute in the UK, theres a wider issue. Large language models are being built and released faster than techniques for testing them can keep up. Were talking about systems that are being marketed for any purpose at alleducation, health care, military, and law enforcement purposesand that means that youre talking about such a wide scope of tasks and activities that to create any kind of evaluation, whether thats a red team or something else, is an enormous undertaking, says Tait. Were just miles behind. Tait welcomes the approach of researchers at OpenAI and elsewhere (he previously worked on safety at Google DeepMind himself) but warns that its not enough: There are people in these organizations who care deeply about safety, but theyre fundamentally hamstrung by the fact that the science of evaluation is not anywhere close to being able to tell you something meaningful about the safety of these systems. Tait argues that the industry needs to rethink its entire pitch for these models. Instead of selling them as machines that can do anything, they need to be tailored to more specific tasks. You cant properly test a general-purpose model, he says. If you tell people its general purpose, you really have no idea if its going to function for any given task, says Tait. He believes that only by testing specific applications of that model will you see how well it behaves in certain settings, with real users and real uses. Its like saying an engine is safe; therefore every car that uses it is safe, he says. And thats ludicrous.