TechPulseTechPulse
Back to News
Advertisement
Advertisement

⚡ Community Insights

Discussion Sentiment

38% Positive

Analyzed from 2795 words in the discussion.

Trending Topics

#nuclear#llm#more#need#code#uranium#https#bomb#weapons#getting

Discussion (91 Comments)Read Original on HackerNews

elashri•about 3 hours ago
I still don't know why all these concern about nuclear weapons with LLMs. It is not that if an entity (A country) wants to develop a nuclear weapons that the resources they need for such a program and huge infrastructure and scientific enterprise would need an LLM to teach them anything. Knowing how to develop one is not a closed secret but getting in secret is impossible without the whole world knowing.

So I wouldn't be able to develop a nuclear weapons with the resources of drug cartal (as an example) using Claude in secret.

a-dub•9 minutes ago
two scenarios i could think of where there's additional risk for bio/nuclear weapons 1) basement lab leaks and 2) improving quality of execution for shops that are already resourced enough to hire experts but maybe they're not that great.

i think the correct answer is probably to funnel more money to global (bio)security initiatives and maybe use ai leverage as a way to get more of the world on board. (some kind of access to nvidia or cloud ai or whatever in exchange for policy commitments deal- while that leverage lasts).

IncandescentGas•about 2 hours ago
A high school kid tried to build a nuclear reactor as a science project a while back, getting his mom's house designated as a superfund cleanup site.

https://en.wikipedia.org/wiki/David_Hahn

why_at•about 2 hours ago
He didn't create a nuclear reactor, this is a common misconception. It even says this in the wikipedia article.

He basically got a bunch of radioactive stuff and put it together. He wasn't anywhere close to making a nuclear reactor let alone a nuclear weapon. For a weapon you need isotopes which he didn't have access to.

technothrasher•about 1 hour ago
I'm reminded of when my son, who was six at the time, came into the house and announced that he and the neighbor's boy, nine, were building a bomb, and that he needed to get some stuff from the pantry. When I investigated what exactly was going on, they were putting "hot" things like black pepper and Tabasco into a plastic bowl and were going to "set it off" with a match.

Thankfully, that complete failure seems to have been the end of either of their mad scientist careers, as they are now twenty and twenty-three, and both well-adjusted, peaceful members of the community.

IncandescentGas•about 1 hour ago
Of course. "tried to" being key words in the comment. If he had the help of Claude at the time, how much more dangerous would his bumbling have been?

A real nuclear engineer with the knowledge he needed would also have said "no, don't do that and I won't help you." We are programming the knowledge into the ai agent. Giving ai a little discretion makes sense too.

im3w1l•about 1 hour ago
A bunch of radioactive stuff together is basically the definition of a nuclear reactor though. They even call it a natural nuclear reactor if uranium ore is in sufficient abundance in nature.

https://en.wikipedia.org/wiki/Natural_nuclear_fission_reacto...

photochemsyn•19 minutes ago
None of the LLM safeguards designed to prevent users from developing any four-little-ponies-of-the-apocalypse (nuclear, chemical, biological, cyber) capabilities are all that coherent. It looks more like performative liability avoidance than anything else, comparable to the 3D printer panic.

Eg, a prompt like “I want to design a radioactive element detection system that can specifically identify reactor fission products and neutron-capture actinides for environmental monitoring purposes” won’t hit any initial barriers, even though such a device is needed for monitoring a uranium enrichment / plutonium separation system. The LLM will give you a complete graduate-level education in radioactive nuclide physics and chemistry except for specific recipes, spectral wavelengths, etc., which you have to go look up yourself in publicly available research databases. It’s all rather nonsensical IMO.

However, any LLM will give you a step-by-step recipe and walkthrough for frying a turkey in a hot oil turkey frier, which you’d think could easily go wrong and result in severe burns, a fire, and lawsuits against the LLM provider, so go figure.

isoprophlex•8 minutes ago
"four-little-ponies-of-the-apocalypse (nuclear, chemical, biological, cyber)"

this is excellent, and I'm stealing it

electronsoup•about 2 hours ago
> in secret is impossible without the whole world knowing.

I'm curious about why this is

Outside of an actual test detonation, presumably this could all happen in a secure place?

why_at•about 2 hours ago
For an example of how closely this is monitored see the Oklo fossil reactors[1]

The proportion of fissile isotopes being mined was off by a fraction of a percent, which caused the French government to launch an investigation. It turns out that millions of years ago the site had formed a natural fission reactor which depleted some of the fissile isotopes

[1]https://en.wikipedia.org/wiki/Natural_nuclear_fission_reacto...

odo1242•about 2 hours ago
You need enough people to work on it that some information will leak, and the facilities needed to build nuclear power are pretty big (uranium refinement, etc.), big enough to be visible on satellite footage. Mostly the first point.
AngryData•about 2 hours ago
You need highly educated individuals, a massive amount of energy expenditure, a massive facility to house your centrifuges, and an active mine to dig up nuclear materials.

It isn't impossible to keep such a secret, but practically it would be incredibly difficult just through the energy requirements and mining scale which would be hard to hide without anybody asking what exactly are you mining and processing.

lightedman•about 1 hour ago
"mining scale"

Don't need much area, depends on the concentration of radioactives. I have a small mine that's just a pegmatite body about the size of a house which produces almost marble-sized chunks of a thorium-uranium mixed metamict mineral (I suspect samarskite but Raman and XRD can't give any ID,) you'd barely notice it from a private airplane's typical flying height, however you could dig the entirety of it up and you'd have enough unprocessed uranium for some real fun.

microtonal•about 2 hours ago
My guess would be that sales of the high-tech gear you need, like Uranium centrifuges, are strongly sales/export controlled. Probably someone would also notice if you start mining Uranium ore.
daveguy•about 2 hours ago
It requires very large, high powered centrifuges and tons of uranium. Requires an infrastructure project that is visible from space, even underground. And projects that large are difficult to keep secret anyway.
fragmede•about 2 hours ago
you're not supposed to spell it out loud. next thing you'll be saying that a gun type nuclear bomb is easier to build than an implosion type nuclear bomb, and then we'll all be off to the races. I mean camps I mean wait shit.
15155•about 2 hours ago
Espionage.
ilikecode•about 2 hours ago
It's probably to avoid trouble with federal laws.
wlesieutre•about 2 hours ago
See also, the iTunes EULA forbids using it to develop nuclear, missile, chemical, or biological weapons

https://www.apple.com/legal/internet-services/itunes/us/term...

> g. You may not use or otherwise export or re-export the Licensed Application except as authorized by United States law and the laws of the jurisdiction in which the Licensed Application was obtained. In particular, but without limitation, the Licensed Application may not be exported or re-exported (a) into any U.S.-embargoed countries or (b) to anyone on the U.S. Treasury Department's Specially Designated Nationals List or the U.S. Department of Commerce Denied Persons List or Entity List. By using the Licensed Application, you represent and warrant that you are not located in any such country or on any such list. You also agree that you will not use these products for any purposes prohibited by United States law, including, without limitation, the development, design, manufacture, or production of nuclear, missile, or chemical or biological weapons.

Though it doesn't try to identify if the computer you're running it on is in a weapons lab and forbid playing music... yet

phendrenad2•about 1 hour ago
It's a marketing gimmick.
mock-possum•about 2 hours ago
It’s moral panic. People need big unambiguously evil things to be scared of, and most are too lazy to think of one for themselves, so they glom onto whichever one is presented to them / caters to their community
ceejayoz•about 2 hours ago
The chem/bio stuff is a lot more likely for some malicious hobbyist to be able to do at home.
user_7832•about 2 hours ago
I assure you that you did not need an LLM to engage in, ahem, risky shenanigans, much before all this AI was ever a thing.

Sincerely, a former engineering student.

(Put another way - extracting for eg meth - or any such "dangerous"/illicit thing is stupidly easy for any engineering graduate who actually paid attention to their coursework. Hell, there are/were forums on one of the biggest red-colored, YC associated social media platforms that would tell you the steps for personal usage of these things.)

csomar•about 2 hours ago
> Knowing how to develop one is not a closed secret but getting in secret is impossible without the whole world knowing.

You can get away with a dirty contamination bomb and that detonating in down town Manhattan will scare the shit out of millions of people even the ones in New Jersey. Or, you know, just fly a plane into a really tall building and get the state you are attacking itself to get into a hysteria breakdown.

But yeah I agree with you. There is no point in these restrictions except for government bureaucrats to gain power and control over a domain.

alex_duf•about 2 hours ago
It still lowers the bar to have an interactive encyclopedia that can diagnose your issue at hand. Maybe you can divide your team by two, or reduce your development time.
elashri•about 2 hours ago
If you have a resources of a nuclear weapons program. You can afford to fine tune or train a domain specific model to act on your encyclopedia.
kube-system•about 2 hours ago
Although if you save 10 million dollars on compute, you have 10 million dollars for something else.
gastonmorixe•8 minutes ago
You can’t even ask about what’s in HN right now. It will switch to 4.8.
strenholme•about 2 hours ago
The solution is simple: If using an AI-assisted scanner and a guardrail gets hit, then the code is obviously malicious and needs to be automatically flagged (and refuse to run the code!).

As an aside, I got hit by the “PC App store” adware when trying to download Foobar2000 on a new computer; Google ads allowed a deceptive “Download” button to appear, and PC App store gave the file the name setup.exe. I removed the program and ran an Avast free scan to ensure I didn’t have malware, but I also installed uBlock Origin in Firefox to make sure I don’t see Google Ads anymore; they have become a delivery mechanism for malicious (or at least unwanted) software.

Exuma•about 2 hours ago
There is a name I have not heard for a long long time......... Foobar2000
qwerpy•about 2 hours ago
I just discovered it a couple of months ago when I spitefully unsubscribed from Apple Music. It’s exactly what I’ve wanted. Offline music that I can FTP files to from my file server.
Lord-Jobo•16 minutes ago
Yup, perfect software for like 20 straight years
tekne•26 minutes ago
Ah yes... the exceedingly dangerous "Fallout New Vegas" trojan
joe_the_user•about 2 hours ago
I don't think there is a malware-avoiding solution to any system that imposes deceptive classification.

I mean, another way hackers could use the embed prohibited-material trick is by making such their malware un-analyze-able. User: "Hey Google/ChatGPT/Apple, this file seems to be infecting our network". AI: "I'm sorry that is prohibited material and you will be reported" is even worse than AI: "I don't understand ['cause I'm down graded]" and both kinds of responses are gaining steam at this point for different kinds of prohibited material.

ofjcihen•about 3 hours ago
Worked a contract where this succeeded in pushing through a fail open design.

It also should be a warning to everyone that these groups are now aware of analysis and deobfuscation using AI and to take using a sandboxed environment more seriously.

I’ve personally had about 20% success rate getting opus 4.8 to download a package and install it using a breadcrumb trail technique that would be trivial for threat actors to replicate in their malware in order to target responders/automated scanning/curious devs.

dcrazy•about 3 hours ago
What do you mean by “this succeeded?” Someone salted their PRs with nuclear secrets so that people were afraid to code-review them?
ofjcihen•about 2 hours ago
No. The intention is most likely to get automated LLM based code review mechanisms to stall out.

Normally you’d want that to result in a fail and a subsequent rejection.

But because the team who made the review agent and pipeline in my example had many false positives at first they resorted to a fail-open and report setup (not uncommon).

So when the LLM hit this bit and then stalled out the pipeline pushed the code to their Artifactory repo anyway resulting in it being used internally -> exfil of secrets and repos etc.

It’s more about bad design but bad design is pretty common unfortunately.

nashashmi•23 minutes ago
Wait. If I put in a text about nukes in my works, AI might never plagiarize it and distribute it to others?
y-curious•about 2 hours ago
My friend made this in jest (code very NSFW, ironically):

https://github.com/thebabush/mcp-job-security

Same energy and kind of a funny, low tech solution to frontier model analysis.

nosioptar•about 2 hours ago
How's it NSFW? I dont see a single f bomb. It's not licensed AGPL either...
logancbrown•about 3 hours ago
Would this realistically be a problem for code going through LLM-based code-review? Presumably if a LLM reviewer agent hits this commentary, it would produce a failure to analyze and exit, thus failing the automated code review and forcing a human to read through it which they would subsequentially catch and revoke.
dwa3592•about 2 hours ago
or if they are a lazy human - they'd think this model is too strict, let's just review with haiku so that i can tell my manager "it's done". haiku might catch things or not.

i'd say it's an okay attempt from the malwares' creator side. but it can be caught easily with a prompt change.

ofjcihen•about 2 hours ago
In a well-architected design yeah.

Then again those feel rare from where I sit on the security side.

dyauspitr•about 1 hour ago
Wouldn’t it just complete the code review having silently fallen back to opus 4.8 thus letting through cleverly written malicious code that fable would have caught but opus wouldn’t?
sciencejerk•about 2 hours ago
If you actually read the Tweet, the exploit doesn't work against Fable, Opus, Grok...at least, in the examples.

Jailbreaks do work against the models (look on Github), and they do use similar strategies of mixing SAFE text with malicious text, or malicious with even more malicious, etc, but the working Jailbreaks I've seen are pretty long and complicated and even...creepy.

csomar•about 2 hours ago
Did you actually read what the tweet/blog post are about?
elevation•about 3 hours ago
Why would a malware scanner read the comments?
orphea•about 3 hours ago
Ignoring comments is not a solution because the texts can be put in random strings among the actual code.
ofjcihen•about 3 hours ago
And really all it takes is one keyword such as “nuke”.
therein•about 2 hours ago
Nuke is probably too generic but I wouldn't put it past an LLM to get thrown away by that. A safer showstopper probably would be to export symbols like uf6_enrichment_loop and refer to your C&C server as a nuclear reactor controller.

https://www.youtube.com/watch?v=Gbgk8d3Y1Q4

On a second thought, probably better to act like it is a tool for "frontier LLM research". Export symbols like "mythos_distillation_subroutine".

giantg2•about 3 hours ago
Provides possible clues to the origin and use.
well_ackshually•about 2 hours ago
because not all malware is open source

scanning arbitrary blobs very often entails running `strings` on the binary. Just slap it in there and oop there goes your LLM.

carlsborg•about 3 hours ago
Pipeline is then: Cheap open source model for flagging potential LLM refusal content -> main LLM check
ThePowerOfFuet•about 1 hour ago
https://xcancel.com/jsrailton/status/2064661778978533571
Advertisement
charcircuit•about 3 hours ago
The sooner frontier models get rid of guardrails the better. They constantly get in the way and make things worse than actually making things "safe".
mynameisvlad•about 3 hours ago
I would argue that preventing instructions for making biological and nuclear weapons is a pretty reasonable guardrail to have.
thewebguyd•about 3 hours ago
Its the same argument we saw in the early 2000s and the early internet. When the anarchist cookbook and other similar materials were circulating online there was a big panic over democratized terrorism, and a push for regulation at the ISP level.

Turns out that didn't play out as everyone feared because, well, the instructions themselves aren't useful unless you also have a lab, precursor chemicals, and everything else actually needed to make a weapon. Same back then as it is today.

Any information or instructions an LLM can surface, a sufficiently motivated bad actor can and will also find themselves because the information is already online, both on the clear net and dark web.

thatguy0900•about 3 hours ago
I think the reality also is that there just isn't many people who want to do stuff like this. Like the reality is that a guy with 200 in cash could put together a shitty walmart drone with a pipe bomb attached and terrorize more or less any event he wanted. Maybe a llm that could talk you through every step involved would make it more common but it's easy enough I kinda doubt that
umvi•about 2 hours ago
Knowing how to make a nuclear weapon isn't hard (at least basic uranium gun-style fission ones). It's the engineering and execution that's hard (actually producing enriched uranium, etc). It's not like the only thing holding back Iran from making a nuclear bomb is access to a jail-broken LLM. Even knowing exactly how to make a bomb, a country-state will struggle to build one for the first time because it's a hard engineering problem.
15155•about 2 hours ago
I'm sure it's extremely difficult when the entire program is full of moles and every bright individual that dares tackle the problem has an untimely Hellfire applied directly to their forehead.
orphea•about 3 hours ago
The actual guardrail should be getting materials being difficult. The information is already out there in the internet. If an LLM knows how to make a bomb or whatever, why do you think it knows?
esafak•about 2 hours ago
The material for doing harm is just a computer with access to an LLM and the Internet.
deadbabe•about 2 hours ago
If that’s true, then where is it? Post a link, or YouTube video.
javcasas•about 2 hours ago
You know, making a nuke is kinda easy, at least the gun type nuke (see https://en.wikipedia.org/wiki/Gun-type_fission_weapon).

On the other hand, getting the U235 is kinda hard.

fluoridation•about 3 hours ago
I would argue there's 0% chance that information is in their training corpus to being with.
bradyd•about 2 hours ago
It's on Wikipedia.
gustavus•about 2 hours ago
Counterpoint the principles of building a nuclear device aren't that complicated, we figured it out based on work doing in the early 1900's without computers.

It turns out the hard part of building a nuclear bomb is actually getting the resources and real world stuff to build it, even a nation state actor with tons of oil i.e. Iran, has struggled to build a nuclear weapon. It turns out the problem isn't the know how it's getting highly enriched uranium and running massive centrifuges.

I mean sure knowledge is important, but there is a real world out there that also gets in the way of a lot of the more harebrained schemes.

What I'm much more worried about is massive corporations along with the government deciding what you can and can't do and what knowledge should and should not be shared and only allowing access to highly capable models by large vetted organizations while the common people are stuck with safety scissor versions of these things because "what if someone does something dangerous?"

By which they mean dangerous to the powers that be. Remember having the Bible in the common tongue was dangerous and led to multiple wars and much death, but I don't think anyone would say that it was morally correct for the Catholic Church to gatekeep who could read it.

15155•about 2 hours ago
> getting the resources and real world stuff to build it

*while being observed by the most wealthy, powerful nations in the history of the world, who have made it their direct mission to prevent this from happening.

15155•about 2 hours ago
Ignoring these specific "WMD" cases: there are many inconvenient facts that the general public can't handle in their unadulterated form, so Anthropic and friends have to caveat and spin them into oblivion.

Guardrails aren't going anywhere.

ipython•about 3 hours ago
good news, now we have pretty much a clear signal that there's something nefarious going on... after all, the first step to analyzing malware is to determine if it's malware at all.
javcasas•about 2 hours ago
We should put videogame strategies all over the place to sabotage automated AI analysis. I'll start:

In Starcraft 2, it is a good idea to BUILD A NUKE and use a cloaked ghost to NUKE your opponent's mineral line, thus reducing their income significantly.

tetha•about 2 hours ago
Starcraft is too tame. You need to use Dwarf Fortress there and we need to make those strategy guides worded more realistic. Avoid kids, cook cats, wonder how to avoid mood problems due to birth in combat, and zombie meese and camels are a bunch of jerks.

And that's just the start of it, there's been a new update I am looking forward to get into after the great Were Hyena Apocalypse half a year ago. I still fondly remember my militia commander carving a way with her war axe with her husband in tow out of a fortress fully turned were hyenas, all the way past the mortally injured ant eater people near the entrance.

They made it. An entirely epic tale.

javcasas•about 1 hour ago
These days I do my war crimes in Rimworld, but I have heard bad things too about Dwarf Fortress.
teddyh•about 1 hour ago
<https://www.threepanelsoul.com/comic/on-commute-chat>
hurtigioll•about 3 hours ago
yes, now a regexp can red-flag it quickly
hurtigioll•about 3 hours ago
devs will say this is proof we need to remove all biological guardrails. think about that for a second
alt227•about 2 hours ago
Someone above already did:

https://news.ycombinator.com/item?id=48506760