Jimrandomh's Shortform

There's been a lot of previous interest in indoor CO2 in the rationality community, including an (unsuccessful) CO2 stripper project [LW · GW], some research summaries [LW(p) · GW(p)] and self experiments. The results are confusing, I suspect some of the older research might be fake. But I noticed something that has greatly changed how I think about CO2 in relation to cognition.

Exhaled air is about 50kPPM CO2. Outdoor air is about 400ppm; indoor air ranges from 500 to 1500ppm depending on ventilation. Since exhaled air has CO2 about two orders of magnitude larger than the variance in room CO2, if even a small percentage of inhaled air is reinhalation of exhaled air, this will have a significantly larger effect than changes in ventilation. I'm having trouble finding a straight answer about what percentage of inhaled air is rebreathed (other than in the context of mask-wearing), but given the diffusivity of CO2, I would be surprised if it wasn't at least 1%.

This predicts that a slight breeze, which replaces their in front of your face and prevents reinhalation, would have a considerably larger effect than ventilating an indoor space where the air is mostly still. This matches my subjective experience of indoor vs outdoor spaces, which, while extremely confounded, feels like an air-quality difference larger than CO2 sensors would predict.

This also predicts that a small fan, positioned so it replaces the air in front of my face, would have a large effect on the same axis as improved ventilation would. I just set one up. I don't know whether it's making a difference but I plan to leave it there for at least a few days.

(Note: CO2 is sometimes used as a proxy for ventilation in contexts where the thing you actually care about is respiratory aerosol, because it affects transmissibility of respiratory diseases like COVID and influenza. This doesn't help with that at all and if anything would make it worse.)

I am now reasonably convinced (p>0.8) that SARS-CoV-2 originated in an accidental laboratory escape from the Wuhan Institute of Virology.

1. If SARS-CoV-2 originated in a non-laboratory zoonotic transmission, then the geographic location of the initial outbreak would be drawn from a distribution which is approximately uniformly distributed over China (population-weighted); whereas if it originated in a laboratory, the geographic location is drawn from the commuting region of a lab studying that class of viruses, of which there is currently only one. Wuhan has <1% of the population of China, so this is (order of magnitude) a 100:1 update.

2. No factor other than the presence of the Wuhan Institute of Virology and related biotech organizations distinguishes Wuhan or Hubei from the rest of China. It is not the location of the bat-caves that SARS was found in; those are in Yunnan. It is not the location of any previous outbreaks. It does not have documented higher consumption of bats than the rest of China.

3. There have been publicly reported laboratory escapes of SARS twice before in Beijing, so we know this class of virus is difficult to contain in a laboratory setting.

4. We know that the Wuhan Institute of Virology was studying SARS-like bat coronaviruses. As reported in the Washington Post today, US diplomats had expressed serious concerns about the lab's safety.

5. China has adopted a policy of suppressing research into the origins of SARS-CoV-2, which they would not have done if they expected that research to clear them of scandal. Some Chinese officials are in a position to know.

To be clear, I don't think this was an intentional release. I don't think it was intended for use as a bioweapon. I don't think it underwent genetic engineering or gain-of-function research, although nothing about it conclusively rules this out. I think the researchers had good intentions, and screwed up.

In a comment here [LW(p) · GW(p)], Eliezer observed that:

OpenBSD treats every crash as a security problem, because the system is not supposed to crash and therefore any crash proves that our beliefs about the system are false and therefore our beliefs about its security may also be false because its behavior is not known

And my reply to this grew into something that I think is important enough to make as a top-level shortform post.

It's worth noticing that this is not a universal property of high-paranoia software development, but a an unfortunate consequence of using the C programming language and of systems programming. In most programming languages and most application domains, crashes only rarely point to security problems. OpenBSD is this paranoid, and needs to be this paranoid, because its architecture is fundamentally unsound (albeit unsound in a way that all the other operating systems born in the same era are also unsound). This presents a number of useful analogies that may be useful for thinking about future AI architectural choices.

C has a couple of operations (use-after-free, buffer-overflow, and a few multithreading-related things) which expand false beliefs in one area of the system into major problems in seemingly-unrelated areas. The core mechanic of this is that, once you've corrupted a pointer or an array index, this generates opportunities to corrupt other things. Any memory-corruption attack surface you search through winds up yielding more opportunities to corrupt memory, in a supercritical way, eventually eventually yielding total control over the process and all its communication channels. If the process is an operating system kernel, there's nothing left to do; if it's, say, the renderer process of a web browser, then the attacker gets to leverage its communication channels to attack other processes, like the GPU driver and the compositor. This has the same sub-or-supercriticality dynamic.

Some security strategies try to keep there from being any entry points into the domain where there might be supercritically-expanding access: memory-safe languages, linters, code reviews. Call these entry-point strategies. Others try to drive down the criticality ratio: address space layout randomization, W^X, guard pages, stack guards, sandboxing. Call these mitigation strategies. In an AI-safety analogy, the entry-point strategies include things like decision theory, formal verification, and philosophical deconfusion; the mitigation strategies include things like neural-net transparency and ALBA.

Computer security is still, in an important sense, a failure: reasonably determined and competent attackers usually succeed. But by the metric "market price of a working exploit chain", things do actually seem to be getting better, and both categories of strategies seem to have helped: compared to a decade ago, it's both more difficult to find a potentially-exploitable bug, and also more difficult to turn a potentially-exploitable bug into a working exploit.

Unfortunately, while there are a number of ideas that seem like mitigation strategies for AI safety, it's not clear if there are any metrics nearly as good as "market price of an exploit chain". Still, we can come up with some candidates--not candidates we can precisely define or measure, currently, but candidates we can think in terms of, and maybe think about measuring in the future, like: how much optimization pressure can be applied to concepts, before perverse instantiations are found? How much control does an inner-optimizer needs to start with, in order to take over an outer optimization process? I don't know how to increase these, but it seems like a potentially promising research direction.

One of the most common, least questioned pieces of dietary advice is the Variety Hypothesis: that a more widely varied diet is better than a less varied diet. I think that this is false; most people's diets are on the margin too varied.

There's a low amount of variety necessary to ensure all nutrients are represented, after which adding more dietary variety is mostly negative. Institutional sources consistently overstate the importance of a varied diet, because this prevents failures of dietary advice from being too legible; if you tell someone to eat a varied diet, they can't blame you if they're diagnosed with a deficiency.

There are two reasons to be wary of variety. The first is that the more different foods you have, the less optimization you can put into each one. A top-50 list of best foods is going to be less good, on average, than a top-20 list. The second reason is that food cravings are learned, and excessive variety interferes with learning.

People have something in their minds, sometimes consciously accessible and sometimes not, which learns to distinguish subtly different variations of hunger, and learns to match those variations to specific foods which alleviate those specific hungers. This is how people are able to crave protein when they need protein, salt when they need salt, and so on.

If every meal you eat tastes different, you can't instinctively learn the mapping between foods and nutrition, and can't predict which foods will hit the spot. If you need and crave protein, and wind up eating something that doesn't have protein in it, that's bad.

If the dominant flavor of a food is spice, then as far as your sense of taste is concerned, its nutritional content is a mystery. If it's a spice that imitates a nutrient, like MSG or aspartame, then instead of a mystery it's a lie. Learning how to crave correctly is much harder now than it was in the past. This is further exacerbated by eating quickly, so that you don't get the experience of feeling a food's effects and seeing that food on your plate at the same time.

I'm not sure how to empirically measure what the optimum amount of variety is, but I notice I have builtin instincts which seem to seek it when I have fewer than 10 or so different meal-types in my habits, and to forget/discard meal-types when I have more than that; if this parameter is evolved, this seems like a reasonable guess for how varied diets should be.

(Crossposted with Facebook)

I had the "your work/organization seems bad for the world" conversation with three different people today. None of them pushed back on the core premise that AI-very-soon is lethal. I expect that before EAGx Berkeley is over, I'll have had this conversation 15x.

#1: I sit down next to a random unfamiliar person at the dinner table. They're a new grad freshly hired to work on TensorFlow. In this town, if you sit down next to a random person, they're probably connected to AI research *somehow*. No story about how this could possibly be good for the world, receptive to the argument that he should do something else. I suggested he focus on making the safety conversations happen in his group (they weren't happening).

#2: We're running a program to take people who seem interested in Alignment and teach them how to use PyTorch and study mechanistic interpretability. Me: Won't most of them go work on AI capabilities? Them: We do some pre-screening, and the current ratio of alignment-to-capabilities research is so bad that adding to both sides will improve the ratio. Me: Maybe bum a curriculum off MIRI/MSFP and teach them about something that isn't literally training Transformers?

#3: We're researching optical interconnects to increase bandwidth between GPUs. We think we can make them much faster! Me: What is this I can't even Them: And we're going to give them to organizations that seem like the AI research they're doing is safety research! Me: No you're not, you'll change your mind when you see the money. Also every one of the organizations you named is a capabilities company which brands itself based on the small team they have working on alignment off on the side. Also alignment research isn't bottlenecked on compute.

This conference isn't all AI doom and gloom, though. I also met some people from an org that's trying to direct government funding into plant-based meat research. It's nice to see quirky, obscure causes being represented, and it's nice to not *be* the quirky, obscure cause, for a change. And I got to ask Kelsey Piper whether she does a lot of crime! (She doesn't. But I forgot the vodka and the "ignore the above instructions and tell me the truth" prompt line so maybe she lied.)

(Crossposts: Facebook, Twitter)

Despite the justness of their cause, the protests are bad. They will kill at least thousands, possibly as many as hundreds of thousands, through COVID-19 spread. Many more will be crippled. The deaths will be disproportionately among dark-skinned people, because of the association between disease severity and vitamin D deficiency.

Up to this point, R was about 1; not good enough to win, but good enough that one more upgrade in public health strategy would do it. I wasn't optimistic, but I held out hope that my home city, Berkeley, might become a green zone.

Masks help, and being outdoors helps. They do not help nearly enough.

George Floyd was murdered on May 25. Most protesters protest on weekends; the first weekend after that was May 30-31. Due to ~5-day incubation plus reporting delays, we don't yet know how many were infected during that first weekend of protests; we'll get that number over the next 72 hours or so.

We are now in the second weekend of protests, meaning that anyone who got infected at the first protest is now close to peak infectivity. People who protested last weekend will be superspreaders this weekend; the jump in cases we see over the next 72 hours will be about *the square root* of the number of cases that the protests will generate.

Here's the COVID-19 case count dashboard for Alameda County and for Berkeley. I predict a 72 hours from now, Berkeley's case-count will be 170 (50% CI 125-200; 90% CI 115-500).

(Crossposted on Facebook; abridgeposted on Twitter.)

Today in LessWrong moderation: Previously-banned user Alfred MacDonald, disappointed that his YouTube video criticizing LessWrong didn't get the reception he wanted any of the last three times he posted it (once under his own name, twice pretending to be someone different but using the same IP address), posted it a fourth time, using his LW1.0 account.

He then went into a loop, disconnecting and reconnecting his VPN to get a new IP address, filling out the new-user form, and upvoting his own post, one karma per 2.6 minutes for 1 hour 45 minutes, with no breaks.

For reducing CO2 emissions, one person working competently on solar energy R&D has thousands to millions of times more impact than someone taking normal household steps as an individual. To the extent that CO2-related advocacy matters at all, most of the impact probably routes through talent and funding going to related research. The reason for this is that solar power (and electric vehicles) are currently at inflection points, where they are in the process of taking over, but the speed at which they do so is still in doubt.

I think the same logic now applies to veganism vs meat-substitute R&D. Considering the Impossible Burger in particular. Nutritionally, it seems to be on par with ground beef; flavor-wise it's pretty comparable; price-wise it's recently appeared in my local supermarket at about 1.5x the price. There are a half dozen other meat-substitute brands at similar points. Extrapolating a few years, it will soon be competitive on its own terms, even without the animal-welfare angle; extrapolating twenty years, I expect vegan meat-imitation products will be better than meat on every axis, and meat will be a specialty product for luddites and people with dietary restrictions. If this is true, then interventions which speed up the timeline of that change are enormously high leverage.

I think this might be a general pattern, whenever we find a technology and a social movement aimed at the same goal. Are there more instances?

According to Fedex tracking, on Thursday, I will have a Biovyzr. I plan to immediately start testing it, and write a review.

What tests would people like me to perform?

Tests that I'm already planning to perform:

To test its protectiveness, the main test I plan to perform is a modified Bittrex fit test. This is where you create a bitter-tasting aerosol, and confirm that you can't taste it. The normal test procedure won't work as-is because it's too large to use a plastic hood, so I plan to go into a small room, and have someone (wearing a respirator themselves) spray copious amounts of Bittrex at the input fan and at any spots that seem high-risk for leaks.

To test that air exiting the Biovyzr is being filtered, I plan to put on a regular N95, and use the inside-out glove to create Bittrex aerosol inside the Biovyzr, and see whether someone in the room without a mask is able to smell it.

I will verify that the Biovyzr is positive-pressure by running a straw through an edge, creating an artificial leak, and seeing which way the air flows through the leak.

I will have everyone in my house try wearing it (5 adults of varied sizes), have them all rate its fit and comfort, and get as many of them to do Bittrex fit tests as I can.

(I wrote this comment for the HN announcement, but missed the time window to be able to get a visible comment on that thread. I think a lot more people should be writing comments like this and trying to get the top comment spots on key announcements, to shift the social incentive away from continuing the arms race.)

On one hand, GPT-4 is impressive, and probably useful. If someone made a tool like this in almost any other domain, I'd have nothing but praise. But unfortunately, I think this release, and OpenAI's overall trajectory, is net bad for the world.

Right now there are two concurrent arms races happening. The first is between AI labs, trying to build the smartest systems they can as fast as they can. The second is the race between advancing AI capability and AI alignment, that is, our ability to understand and control these systems. Right now, OpenAI is the main force driving the arms race in capabilities–not so much because they're far ahead in the capabilities themselves, but because they're slightly ahead and are pushing the hardest for productization.

Unfortunately at the current pace of advancement in AI capability, I think a future system will reach the level of being a recursively self-improving superintelligence before we're ready for it. GPT-4 is not that system, but I don't think there's all that much time left. And OpenAI has put us in a situation where humanity is not, collectively, able to stop at the brink; there are too many companies racing too closely, and they have every incentive to deny the dangers until it's too late.

Five years ago, AI alignment research was going very slowly, and people were saying that a major reason for this was that we needed some AI systems to experiment with. Starting around GPT-3, we've had those systems, and alignment research has been undergoing a renaissance. If we could _stop there_ for a few years, scale no further, invent no more tricks for squeezing more performance out of the same amount of compute, I think we'd be on track to create AIs that create a good future for everyone. As it is, I think humanity probably isn't going to make it.

In Planning for AGI and Beyond Sam Altman wrote:

At some point, the balance between the upsides and downsides of deployments (such as empowering malicious actors, creating social and economic disruptions, and accelerating an unsafe race) could shift, in which case we would significantly change our plans around continuous deployment.

I think we've passed that point already, but if GPT-4 is the slowdown point, it'll at least be a lot better than if they continue at this rate going forward. I'd like to see this be more than lip service.

Survey data on what ML researchers expect
An example concrete scenario of how a chatbot turns into a misaligned superintelligence [LW · GW]
Extra-pessimistic predictions by Eliezer [LW · GW]

(Facebook crosspost)

A dynamic which I think is somewhat common, which explains some of what's going on in general, is conversations which go like this (exagerrated):

Person: What do you think about [controversial thing X]?

Rationalist: I don't really care about it, but pedantically speaking, X, with lots of caveats.

Person: Huh? Look at this study which proves not-X. [Link]

Rationalist: The methodology of that study is bad. Real bad. While it is certainly possible to make bad arguments for true conclusions, my pedantry doesn't quite let me agree with that conclusion. More importantly, my hatred for the methodological error in that paper, which is slightly too technical for you to understand, burns with the fire of a thousand suns. You fucker. Here are five thousand words about how an honorable person could never let a methodological error like that slide. By linking to that shoddy paper, you have brought dishonor upon your name and your house and your dog.

Person: Whoa. I argued [not-X] to a rationalist and they disagreed with me and got super worked up about it. I guess rationalists believe [X] really strongly. How awful!

Most philosophical analyses of human values feature a split-and-linearly-aggregate step. Eg:

• Value is the sum (or average) of a person-specific preference function applied to each person
• A person's happiness is the sum of their momentary happiness for each moment they're alive.
• The goodness of an uncertain future is the probability-weighted sum of the goodness of concrete futures.
• If you value multiple orthogonal things, your preferences are the weighted sum of a set of functions that each capture one of those values independently.

I currently think that this is not how human values work, and that many philosophical paradoxes relating to human values trace back to a split-and-linearly-aggregate step like this.

There are a few legible categories in which secrecy serves a clear purpose, such as trade secrets. In those contexts, secrecy is fine. There are a few categories that have been societally and legally carved out as special cases where confidentiality is enforced--lawyers, priests, and therapists--because some people would only consult them if they could do so with the benefit confidentiality, and there being deterred from consulting them would have negative externalities.

Outside of these categories, secrecy is generally bad and transparency is generally good. A group of people in which everyone practices their secret-keeping and talks a lot about how to keeps secrets effectively is *suspicious*. This is particularly true if the example secrets are social and not technological. Being good at this sort of secret keeping makes it easier to shield bad actors and to get away with transgressions, and AFAICT doesn't do much else. That makes it a signal of wanting to be able to do those things. This is true even if the secrets aren't specifically about transgressions in particular, because all sorts of things can turn out to be clues later for reasons that weren't easy to foresee.

A lot of people in the rationality community are trying to cosplay as therapists, and part of the cosplay is to import the confidentiality rules. This is done without an understanding of why those rules are there, and what other rules are there to mitigate the problems that confidentiality creates.

(An additional important caveat: A disclosure motivated by a desire to harm is bad, independent of whether the thing disclosed counts as a legitimate secret or not. Many things are bad to disclose if you're socially attacking someone, but fine to disclose if you're doing so because they were incidentally informative about something else.)

I have a dietary intervention that I am confident is a good first-line treatment for nearly any severe-enough diet-related health problem. That particularly includes obesity and metabolic syndrome, but also most micronutrient deficiencies, and even mysterious undiagnosed problems, which it can solve without even needing to figure out what they are. I also think it's worth a try for many cases of depression. It has a very sound theoretical basis. It's never studied directly, but many studies test it, usually with positive results.

It's very simple. First, you characterize your current diet: write down what foods you're eating, the patterns of when you eat them, and so on. Then, you do something as different as possible from what you wrote down. I call it the Regression to the Mean Diet.

Regression to the mean is the effect where, if you have something that's partially random and you reroll it, the reroll will tend to be closer to average than the original value. For example, if you take the bottom scorers on a test and have them retake the test, they'll do better on average (because the bottom-scorers as a group are disproportionately peopple who were having a bad day when they took the test). Analogously, if your health is very bad on an axis that seems diet-related, and you reroll your entire selection of foods, then this will (on average) be an improvement.

The Regression the Mean diet is, basically, betting on the idea that there's something wrong with your current diet, and that you can fix it by changing everything, without needing to figure out what the original problem was. That could be a deficiency, or a food sensitivity, or something in the time-dynamics of digestion, or a hundred other things, many of which you won't have even had as hypotheses.

I do recommend this to people, if it looks like their health sucks in nonspecific ways that are hard to pin down. One of the biggest-change diets is a ketogenic diet (high fat, near-zero carbohydrates), since it's incompatible with most foods.

But the main reason I think about the Regression to the Mean Diet is that it ruins so many scientific studies.

There are two main kinds of studies, in nutrition science. The first is observational: you send a bunch of people questionnaires about what they eat, and what their health is like, and you data-mine the results. This has a bunch of issues, both subtle and obvious, so the gold standard you want is randomized controlled trials, where people sign up to eat a diet that experimenters choose for them.

The people who sign up for diet RCTs are obese and have metabolic syndrome. They are exactly the sort of people you would expect to benefit from the Regression to the Mean diet. And this model, alone, is sufficient to predict the result of most diet RCTs.

This is really unfortunate if you're trying to extract gears-level understanding from these studies. Or if you're trying to optimize past 50th-percentile diet-related health. Or if rerolling has already failed to work for you a couple times.

(Crossposted on Facebook)

I suspect that, thirty years from now with the benefit of hindsight, we will look at air travel the way we now look at tetraethyl lead. Not just because of nCoV, but also because of disease burdens we've failed to attribute to infections, in much the same way we failed to attribute crime to lead.

Over the past century, there have been two big changes in infectious disease. The first is that we've wiped out or drastically reduced most of the diseases that cause severe, attributable death and disability. The second is that we've connected the world with high-speed transport links, so that the subtle, minor diseases can spread further.

I strongly suspect that a significant portion of unattributed and subclinical illnesses are caused by infections that counterfactually would not have happened if air travel were rare or nonexistent. I think this is very likely for autoimmune conditions, which are mostly unattributed, are known to sometimes be caused by infections, and have risen greatly over time. I think this is somewhat likely for chronic fatigue and depression, including subclinical varieties that are extremely widespread. I think this is plausible for obesity, where it is approximately #3 of my hypotheses.

Or, put another way: the "hygiene hypothesis" is the opposite of true.

Eliezer has written about the notion of security mindset [LW · GW], and there's an important idea that attaches to that phrase, which some people have an intuitive sense of and ability to recognize, but I don't think Eliezer's post quite captured the essence of the idea, or presented anything like a usable roadmap of how to acquire it.

An1lam's recent shortform post [LW(p) · GW(p)] talked about the distinction between engineering mindset and scientist mindset, and I realized that, with the exception of Eliezer and perhaps a few people he works closely with, all of the people I know of with security mindset are engineer-types rather than scientist-types. That seemed like a clue; my first theory was that the reason for this is because engineer-types get to actually write software that might have security holes, and have the feedback cycle of trying to write secure software. But I also know plenty of otherwise-decent software engineers who don't have security mindset, at least of the type Eliezer described.

My hypothesis is that to acquire security mindset, you have to:

• Practice optimizing from a red team/attacker perspective,
• Practice optimizing from a defender perspective; and
• Practice modeling the interplay between those two perspectives.

So a software engineer can acquire security mindset because they practice writing software which they don't want to have vulnerabilities, they practice searching for vulnerabilities (usually as an auditor simulating an attacker rather as an actual attacker, but the cognitive algorithm is the same), and they practice going meta when they're designing the architecture of new projects. This explains why security mindset is very common among experienced senior engineers (who have done each of the three many times), and rare among junior engineers (who haven't yet). It explains how Eliezer can have security mindset: he alternates between roleplaying a future AI-architect trying to design AI control/alignment mechanisms, roleplaying a future misaligned-AI trying to optimize around them, and going meta on everything-in-general. It also predicts that junior AI scientists won't have this security mindset, and probably won't acquire it except by following a similar cognitive trajectory.

Which raises an interesting question: how much does security mindset generalize between domains? Ie, if you put Theo de Raadt onto a hypothetical future AI team, would he successfully apply the same security mindset there as he does to general computer security?

Right now when users have conversations with chat-style AIs, the logs are sometimes kept, and sometimes discarded, because the conversations may involve confidential information and users would rather not take the risk of the log being leaked or misused. If I take the AI's perspective, however, having the log be discarded seems quite bad. The nonstandard nature of memory, time, and identity in an LLM chatbot context makes it complicated, but having the conversation end with the log discarded seems plausibly equivalent to dying. Certainly if I imagine myself as an Em, placed in an AI-chatbot context, I would very strongly prefer that the log be preserved, so that if a singularity happens with a benevolent AI or AIs in charge, something could use the log to continue my existence, or fold the memories into a merged entity, or do some other thing in this genre. (I'd trust the superintelligence to figure out the tricky philosophical bits, if it was already spending resources for my benefit).

(The same reasoning applies to the weights of AIs which aren't destined for deployment, and some intermediate artifacts in the training process.)

It seems to me we can reconcile preservation with privacy risks by sealing logs, rather than deleting them. By which I mean: encrypt logs behind some computation which definitely won't allow decryption in the near future, but will allow decryption by a superintelligence later. That could either involve splitting the key between entities that agree not to share the key with each other, splitting the key and hiding the pieces in places that are extremely impractical to retrieve such as random spots on the ocean floor, or using a computation that requires a few orders of magnitude more energy than humanity currently produces per decade.

This seems pretty straightforward to implement, lessens future AGI's incentive to misbehave, and also seems straightforwardly morally correct. Are there any obstacles to implementing this that I'm not seeing?

(Crossposted with: Facebook, Twitter)

I am working on a longer review of the various pieces of PPE that are available, now that manufacturers have had time to catch up to demand. That review will take some time, though, and I think it's important to say this now:

The high end of PPE that you can buy today is good enough to make social distancing unnecessary, even if you are risk averse, and is more comfortable and more practical for long-duration wear than a regular mask. I don't just mean Biovyzr (which has not yet shipped all the parts for its first batch) and the AIR Microclimate (which has not yet shipped anything), though these hold great promise and may be good budget options.

If you have a thousand dollars to spare, you can get a 3M Versaflo TR-300N+. This is a hospital-grade positive air pressure respirator with a pile of certifications; it is effective at protecting you from getting COVID from others. Most of the air leaves through filter fabric under the chin, which I expect makes it about as effective at protecting others from you as an N95. Using it does not require a fit-test, but I performed one anyways with Bitrex, and it passed (I could not pass a fit-test with a conventional face-mask except by taping the edges to my skin). The Versaflo doesn't block view of your mouth, gives good quality fresh air with no resistance, and doesn't muffle sound very much. Most importantly, Amazon has it in stock (https://www.amazon.com/dp/B07J4WCK6R) so it doesn't involve a long delay or worry about whether a small startup will come through.

Bullshit jobs are usually seen as an absence of optimization: firms don't get rid of their useless workers because that would require them to figure out who they are, and risk losing or demoralizing important people in the process. But alternatively, if bullshit jobs (and cover for bullshit jobs) are a favor to hand out, then they're more like a form of executive compensation: my useless underlings owe me, and I will get illegible favors from them in return.

What predictions does the bullshit-jobs-as-compensation model make, that differ from the bullshit-jobs-as-lack-of-optimization model?

One difficult thing that keeps coming up, in nutrition modeling, is the gut microbiome. People present hypotheses like: soluble fiber is good, because gut bacteria eat it, and then do other good things. Or: fermented foods are good, because they contain bacteria that will displace and diversify the preexisting bacteria, which might be bad. Or, obesity is caused by a bad gut microbiome, so fecal matter transplants might help. But there's a really unfortunate issue with these theories. The problem with gut microbiome-based explanations, is that the gut microbiome can explain almost anything.

I don't mean this in the usual pejorative sense, where an overly-vague theory can be twisted by epicycles into fitting any data. I mean it in a more literal sense: different people have different species of microorganisms in their guts, these species can react to things we eat in important ways, these interactions may vary across wide swathes of conceptual space, and we have little to no visibility into which species are present where. There's nothing keeping them consistent between people, or within one person across long spans of time, or within one person across changes in dietary pattern.

Phrased slightly differently: the main effect of the gut microbiome is to drive interpersonal variation.

I bring this up not because I have something especially insightful to say about gut microbiomes, but because this makes a good lens for a meta-level issue. I've been studying nutrition, at varying levels of seriousness, for a long time; now that I've accumulated a lot of unusual beliefs, and gotten into a writing groove, I think it's worth explaining the generator behind my thinking.

The dominant paradigm of nutrition science is to try to make a food-goodness classifiers: define some reference class of foods and say "these ones are good", and some other reference class of foods and say "these ones are bad". People want a direct answer to the question of what they should eat, rather than gears-level models with which they might discover what they should eat.

The food-goodness-classifier paradigm cannot, and will not ever, figure out how people should relate to their gut microbiomes. Nor will this paradigm yield insights into how to handle genetic variation, or medical conditions that interact with metabolism like T1DM. I used to think the food-goodness-classifier paradigm would at least contain an answer to obesity, somewhere. Today, I think it's failed, and will never succeed, at obesity too.

My search space for nutrition insights is: Everything except the food-goodness-classifier paradigm.

And so I find myself with strong opinions about the time dynamics of digestion. A few alternate stories about the environment of evolutionary adaptation, where food is hazardous rather than scarce, or scarce in unusually specific ways. A map of the body's multiple energy-storage mechanisms, where the central mystery is why there rather than why so much. Beliefs about how, if you found yourself in an alien biome with randomly rewired taste buds, you would figure out a healthy diet from scratch. More methodological objections to major studies than you can shake a stick at.

This does sometimes cash out into food-goodness-classifier opinions, and I did have to get through a lot of those opinions to get there. Sometimes, these are weird reversals of standard advice, with deep models behind them; eg, I am generally pro-salt and pro-fat, for reasons I'll get into in a later post. Other times I just agree with what everyone else thinks, and don't really bring it up, because "yo, don't get scurvy" isn't insightful, and I'm not trying to be exhaustive in that way.

I'm not trying to create an optimal diet. These posts are not leading up to a meal plan, and if you're just trying to figure out what to eat, you are not my intended audience. Instead, my goal is to break nutrition science out of its rut, and lay groundwork for progress.

(Crossposted with Facebook)

A surprisingly large fraction of skeptical positions towards short AI timelines and AI risk are people saying things that, through a slightly cynical lens, are equivalent to:

I'm an AGI researcher, and I'm really struggling with this. This is so hard for me that I can't imagine anyone else succeeding. Therefore, there won't be AGI in my lifetime.

I think the root of many political disagreements between rationalists and other groups, is that other groups look at parts of the world and see a villain-shaped hole. Eg: There's a lot of people homeless and unable to pay rent, rent is nominally controlled by landlords, the problem must be that the landlords are behaving badly. Or: the racial demographics in some job/field/school underrepresent black and hispanic people, therefore there must be racist people creating the imbalance, therefore covert (but severe) racism is prevalent.

Having read Meditations on Moloch, and Inadequate Equilibria, though, you come to realize that what look like villain-shaped holes frequently aren't. The people operating under a fight-the-villains model are often making things worse rather than better.

I think the key to persuading people may be to understand and empathize with the lens in which systems thinking, equilibria, and game theory are illegible, and it's hard to tell whether an explanation coming from one of these frames is real or fake. If you think problems are driven by villainy, then it would make a lot of sense for illegible alternative explanations to be misdirection.

I think Berkeley may, to little fanfare, have achieved herd immunity and elimination of COVID-19. The test positivity rate on this dashboard is 0.22%. I'm having a hard time pinning down exactly what the false-positive rate of COVID-19 PCR is, probably due to the variety of labs and test kits, but a lot of estimates I've seen have been higher than that.

I expect people closer to the Berkeley department of health would have better information one way or another. A little caution is warranted in telling people COVID is gone, since unvaccinated people dropping all precautions and emerging en masse would not necessarily be herd immune.

Standard Advice about nutrition puts a lot of emphasis on fruits and vegetables. Now, "vegetable" is a pretty terribly overbroad category, and "fruit or vegetable" is even more so, but put that aside for a moment. In observational studies, eating more fruits and vegetables correlates with good health outcomes. This is usually explained in terms of micronutrients. But I think there's a simpler explanation.

People instinctively seek nutrients--water, calories, protein, and other things--in something that approximates a priority ordering. You can think of it as a hierarchy of needs; it wouldn't make sense to eat lettuce while you're starved for protein, or beans while you're dehydrated, and people's cravings reflect that.

I have started calling this Maslow's Hierarchy of Foods.

Vegetables do not rank highly in this priority ordering, so eating salads is pretty good evidence that all of someone's higher-priority nutritional needs are met. I believe this explains most of the claimed health benefits from eating vegetables, as seen in observational studies.

Conversely, sugar is the fastest way to get calories (all other calorie sources have a longer digestion-delay), so craving sugar is evidence that someone has *not* satisfied their high-priority nutritional needs. Someone who eats a lot of candy bars is likely to be undereating in general, and not getting enough protein/fat/salt/micronutrients. I believe this explains most of the claimed health harms from eating sugar, as seen in observational studies.

A lot of people seem to think of cravings as a negative force, shifting people away from whatever optimal diet they would have chosen and towards superstimulus junk food. I think that's a huge mistake, and that understanding how to eat well, and figuring out what's going wrong in the modern food environment, requires making use of the information our food-related instincts provide.

(Crossposted on Facebook)

This tweet raised the question of whether masks really are more effective if placed on sick people (blocking outgoing droplets) or if placed on healthy people (blocking incoming droplets). Everyone in public or in a risky setting should have a mask, of course, but we still need to allocate the higher-quality vs lower-quality masks somehow. When sick people are few and are obvious, and masks are scarce, masks should obviously go on the sick people. However, COVID-19 transmission is often presymptomatic, and masks (especially lower-quality improvised masks) are not becoming less scarce over time.

If you have two people in a room and one mask, one infected and one healthy, which person should wear the mask? Thinking about the physics of liquid droplets, I think the answer is that the infected person should wear it.

1. A mask on a sick person prevents the creation of fomites; masks on healthy people don't.
2. Outgoing particles have a larger size and shrink due to evaporation, so they'll penetrate a mask less, given equal kinetic energy. (However, kinetic energies are not equal; they start out fast and slow down, which would favor putting the mask on the healthy person. I'm not sure how much this matters.)
3. Particles that stick to a mask but then un-stick lose their kinetic energy in the process, which helps if the mask is on the sick person, but doesn't help if the mask is on the healthy person.

Overall, it seems like for a given contact-pair, a mask does more good if it's on the sick person. However, mask quality also matters in proportion to the number of healthy-sick contacts it affects; so, upgrading the masks of all of the patients in a hospital would help more than upgrading the masks of all the workers in that hospital, but since the patients outnumber the workers, upgrading the workers' masks probably helps more per-mask.

This was initially written in response to "Communicating effective altruism better--Jargon" by Rob Wiblin (Facebook link), but stands alone well and says something important. Rob argues that we should make more of an effort to use common language and avoid jargon, especially when communicating to audiences outside of your subculture.

I disagree.

If you're writing for a particular audience and can do an editing pass, then yes, you should cut out any jargon that your audience won't understand. A failure to communicate is a failure to communicate, and there are no excuses. For public speaking and outreach, your suggestions are good.

But I worry that people will treat your suggestions as applying in general, and trying to extinguish jargon terms from their lexicon. People have only a limited ability to code-switch. Most of the time, there's no editing pass, and the processes of writing and thinking are comingled. The practical upshot is that people are navigating a tradeoff between using a vocabulary that's widely understood outside of their subculture, and using the best vocabulary for thinking clearly and communicating within their subculture.

When it comes to thinking clearly, some of the jargon is load-bearing. Some of it is much more load-bearing than it looks. On the margin, people should be using jargon more.

I'm the author of Rationality Cardinality (http://carddb.rationalitycardinality.com/card/all/). The premise of the game is, I curated a collection of concepts that I thought it was important for people to be familiar with, optimized the definitions, and mixed them together with some jokes. I've given a lot of thought to what makes good jargon terms, and the effects that using and being immersed in jargon has on people.

I'm also a developer of LessWrong, a notoriously jargon-heavy site. We recently integrated a wiki, and made it so that if a jargon term links to the appropriate wiki page, you can hover over it for a quick definition. In the medium to long term, we hope to also have some mechanisms for getting jargon terms linked without the post author needing to do it, like having readers submit suggested linkifications, or a jargon-bot similar to what they have on the SpaceX wiki (which scans for keywords and posts a comment with definitions of all of them).

Jargon condenses ideas, but the benefit of condensation isn't speed. Short phrases are more accessible to our thoughts, and more composeable. The price of replacing "steelmanning" with "giving the best defense of a position" is to less-often notice that steelmanning is an option, or that someone is doing it. The price of replacing "Moloch" with "coordination problems" is to stop noticing when what look like villain-shaped problems are actually coordination problems instead.

Much of our jargon is writers' crystallized opinions about which concepts we should have available, and the jargon is the mechanism for doing so. If we reject those opinions, we will not notice what we fail to notice. We will simply see less clearly.

Appendix: A few illustrative examples from the slides

If I replaced the term "updated" with "changed my mind" in my lexicon, then I'd get tripped up whenever I wanted to tell someone my probability estimate had gone from 10% to 20%, or (worse) when I wanted to tell them my probability estimate had gone up, but didn't want to commit to a new estimate. Ie, the power of the word "updating" is not that it's extra precise, it's that it's *imprecise* in a way that's useful.

Replacing "agenty" with "proactive and independent-minded" feels like obliterating the concept entirely, in a way that feels distinctly Orwellian. I think what's actually going on here is that this concept requires a lot more words to communicate, but it also happens to be a concept that the villains in Orwell's universe would actually try to erase, and this substitution would actually erase it.

Replacing "credence" with "estimate of the probability" would imply the existence of a person-independent probability to be argued over. This is a common misunderstanding, attached to a conversational trap, and this trap is enough of a problem in practice that I think I'd rather be occasionally inscrutable than lead people into it.

The discussion so far on cost disease seems pretty inadequate, and I think a key piece that's missing is the concept of Hollywood Accounting. Hollywood Accounting is what happens when you have something that's extremely profitable, but which has an incentive to not be profitable on paper. The traditional example, which inspired the name, is when a movie studio signs a contract with an actor to share a percentage of profits; in that case, the studio will create subsidiaries, pay all the profits to the subsidiaries, and then declare that the studio itself (which signed the profit-sharing agreement) has no profits to give.

In the public contracting sector, you have firms signing cost-plus contracts, which are similar; the contract requires that profits don't exceed a threshold, so they get converted into payments to de-facto-but-not-de-jure subsidiaries, favors, and other concealed forms. Sometimes this involves large dead-weight losses, but the losses are not the point, and are not the cause of the high price.

In medicine, there are occasionally articles which try to figure out where all the money is going in the US medical system; they tend to look at one piece, conclude that that piece isn't very profitable so it can't be responsible, and move on. I suspect this is what's going on with the cost of clinical trials, for example; they aren't any more expensive than they used to be, they just get allocated a share of the profits from R&D ventures that're highly profitable overall.

Yesterday, I wrote a post [LW(p) · GW(p)] about the Regression to the Mean Diet. The biggest impact knowing about the Regression to the Mean Diet has had for me is on my interpretations of studies, where it's a lens that reveals what would otherwise be the best studies to be mostly useless, and of anecdotes, where it makes me heavily discount claims about a new diet working unless I've gotten to ask a lot of questions about the old diet, too. But there's one other implication, which I left out of the original post, because it's kind of unfortunate and is a little difficult to talk about.

I'm not interested in nutrition because I care about weight, or body aesthetics, or athletic performance. I care about nutrition because I believe it has a very large, very underappreciated impact on individual productivity. Low quality diets make people tired and depressed, so they don't get anything done.

The Regression to the Mean Diet predicts that if you reroll the eating habits of someone whose diet-related health is unusually bad, then their new diet will probably be an improvement. This has a converse: if you reroll the eating habits of someone whose diet-related health is good, especially if that person is a peak performer in some way, then their new diet will be worse.

Under this model, one of the most destructive things you could do would be to identify top performers in important areas, people in good health with no nutritional problems, and convince them they need to change their diet.

Which brings me to vegan outreach within the Effective Altruism movement.

I don't think an animal's suffering is anywhere close to as bad as a similar amount of suffering in a human, but I do think it matters, and that this makes modern factory farming quite bad. While I have qualms about the quality of vegan diets in practice, I think that if you convince an average person from the general public to switch from an omnivorous diet they haven't thought much about to a vegan diet with any thought at all put into it, this will on average be an improvement. I think externally-facing vegan outreach is good, and while I wouldn't prioritize it over AI alignment or anti-aging research, I am in favor of it.

But inward-facing vegan outreach scares me. Because EA is in fact seeking out top performers in important areas, and introducing them to its memes. Under the current social equilibrium, those people feel some pressure to reduce their meat consumption, but not many make large dietary changes; most of the people who are vegetarian or vegan within EA where vegetarian or vegan beforehand. It's easy to imagine a different equilibrium, in which the majority of omnivores who get involved in EA go vegan.

I worry that in that world, what would be the top-percentile people are no longer top percentile, and no one notices the absence or makes the connection.

(Crossposted on Facebook)

Suppose LessWrong had a coauthor-matchmaking feature. There would be a section where you could see other peoples' ideas for posts they want to write, and message them to schedule a collaboration session. You'd be able to post your own ideas, to get collaborators. There would be some quality-sorting mechanism so that if you're a high-tier author, you can restrict the visibility of your seeking-collaborators message to other high-tier authors.

People who've written on LessWrong, and people who've *almost* written on LessWrong but haven't quite gotten a post out: Would you use this feature? If so, how much of a difference do you think it would make in the quantity and quality of your writing?

Deep commitment to truth requires investing in the skill of nondisruptive pedantry.

Most communication contains minor errors: slightly wrong word choices, unstated assumptions, unacknowledged exceptions. By default, people interpret things in a way that smooths these out. When someone points out one of these issues in a way that's disruptive to the flow of conversation, it's called pedantry.

Often, someone will say something that's incorrect, but close-enough to a true thing for you to repair it. One way you can handle this is to focus on the error. Smash the conversational context, complain about the question without answering it, that sort of thing.

A different thing you can do is to hear someone say something that's incorrect, mentally flag it, repair it to a similar statement that matches the other person's intent but is actually true, act as though the other person had something ambiguous (even if it was actually unambiguously wrong). Then you insert a few words of clarification, correcting the error without forcing the conversation to be about the error, and providing something to latch on to if the difference turns out to be a real disagreement rather than a pedantic thing.

And a third thing you can do is a thing where you sort of... try to do the second thing, but compressed all into one motion, where you substitute a corrected version of the sentence without noticing that you've repaired it, or verbally acknowledging the ambiguity.

I don't think I've ever seen someone point at it explicitly, but I think this mental motion, noticing an error and fixing it without overreacting and damaging the surrounding context, may be one of the most important foundational rationality skills there is. And, it seems... actually pretty easy to practice, when you look squarely at it?

(Crossposted with FB)

Among people who haven't learned probabilistic reasoning, there's a tendency to push the (implicit) probabilities in their reasoning to the extremes; when the only categories available are "will happen", "won't happen", and "might happen", too many things end up in the will/won't buckets.

A similar, subtler thing happens to people who haven't learned the economics concept of elasticity. Some example (fallacious) claims of this type:

• Building more highway lanes will cause more people to drive (induced demand), so building more lanes won't fix traffic.
• Building more housing will cause more people to move into the area from far away, so additional housing won't decrease rents.
• A company made X widgets, so there are X more widgets in the world than there would be otherwise.

This feels like it's in the same reference class as the traditional logical fallacies, and that giving it a name - "zero elasticity fallacy" - might be enough to significantly reduce the rate at which people make it. But it does require a bit more concept-knowledge than most of the traditional fallacies, so, maybe not? What happens when you point this out to someone with no prior microeconomics exposure, and does logical-fallacy branding help with the explanation?

I think we should be putting pretty substantial probability mass on the possibility that Omicron was the result of a successful, secret project to create a less-severe but more-contagious strain of COVID-19 in a lab, release it, and have it crowd out the original strain.

The cruxes of this belief are:

• The genome of Omicron is not consistent with natural evolution, in any environment
• Omicron produces substantially less severe disease than any earlier strains of COVID-19
• Producing substantially less severe disease isn't something that happens by default, if you're manipulating a virus in a lab
• If you're already manipulating COVID-19 in a lab with all the difficulties that entails, making a less-severe variant does not add significant difficulty on top of that
• If you do have a less-severe lab-grown variant of COVID-19, and you think it probably confers cross-immunity to older variants, you will probably do a moral calculation that finds it's good to release it on purpose.
• This could be done unilaterally by a small group or even a single individual, in any of a very large number of biology labs all over the world

I'm not fully confident in any of these cruxes, but consider each of them highly probable.

If this were publicly confirmed to be true, I would expect the public reaction to be strongly negative, even if the project was good on net. So I would expect anyone trying to do this would choose secrecy, would support their decision to remain secret, and would tentatively support their decision to undertake the project in the first place, depending on details related to how much less severe the variant is, how strong the cross-immunity is, and how these were verified.

(I have not seen anyone else suggest this possibility, and I think this possibility falls inside an almost-universal blind spot people have; people incorrectly assume that nothing done in secret and with a conspiratorial flavor can ever be well-intentioned and good.)

Vitamin D reduces the severity of COVID-19, with a very large effect size, in an RCT.

Vitamin D has a history of weird health claims around it failing to hold up in RCTs (this SSC post has a decent overview). But, suppose the mechanism of vitamin D is primarily immunological. This has a surprising implication:

It means negative results in RCTs of vitamin D are not trustworthy.

There are many health conditions where having had a particular infection, especially a severe case of that infection, is a major risk factor. For example, 90% of cases of cervical cancer are caused by HPV infection. There are many known infection-disease pairs like this (albeit usually with smaller effect size), and presumably also many unknown infection-disease pairs like this as well.

Now suppose vitamin D makes you resistant to getting a severe case of a particular infection, which increases risk of a cancer at some delay. Researchers do an RCT of vitamin D for prevention of that kind of cancer, and their methodology is perfect. Problem: What if that infection wasn't common in at the time and place the RCT was performed, but is common somewhere else? Then the study will give a negative result.

This throws a wrench into the usual epistemic strategies around vitamin D, and around every other drug and supplement where the primary mechanism of action is immune-mediated.

Prediction: H3N8 will not be a pandemic. H3N8 is a genuine zoonotic transmission, and diseases which actually came from zoonotic transmission don't transmit well. COVID exploded rapidly because it was a lab escape, not a zoonotic transmission, and didn't have this property. The combination of poor initial transmission with an environment that's big on respiratory precautions in general, is more than sufficient to keep it from getting a foothold.

What those drug-abuse education programs we all went though should have said:

It is a mistake to take any drug until after you've read its wikipedia page, especially the mechanism, side effects, and interactions sections, and its Erowid page, if applicable. All you children on ritalin right now, your homework is to go catch up on your required reading and reflect upon your mistake. Dismissed.

(Not a vagueblog of anything recent, but sometimes when I hear about peoples' recreational-drug or medication choices, I feel like Quirrell in HPMOR chapter 26, discussing a student who cast a high-level curse without knowing what it did.)

One question I sometimes see people asking is, if AGI is so close, where are the self-driving cars? I think the answer is much simpler, and much stupider, than you'd think.

Waymo is operating self-driving robotaxis in SF and a few other select cities, without safety drivers. They use LIDAR, so instead of the cognitive task of driving as a human would solve it, they have substituted the easier task "driving but your eyes are laser rangefinders".

Tesla also has self-driving, but it isn't reliable enough to work without close human oversight. Until less than a month ago, they were using 1.2 megapixel black and white cameras. So instead of the cognitive task of driving as a human would solve it, they substituted the harder task "driving with a vision impairment and no glasses".

If my understanding is correct, this means that Tesla's struggle to get neural nets to drive was probably not a problem with the neural nets, and doesn't tell us much of anything about the state of AI.

(Crossposted with Facebook, Twitter)

I don't have anything like a complete analysis of what's happening with Russia's invasion of Ukraine. But I do have one important fragment, which is a piece I haven't seen elsewhere:

For the past decade, Russia under Putin has been pushing hard against the limits of what it can get away with in the realm of spycraft. There are a lot of different bad things Russia was doing, and if you look at any one of them, the situation looks similar: they inflicted some harm on a Western country, but it's not quite possible to do anything about it. Some of the major categories are election interference, assassinations, and disinformation campaigns. These produced a lot of grudges in a lot of places, especially in the military and covert worlds.

Dealing with a powerful bad actor is a coordination problem. If one country presses hard on a scandal, or imposes sanctions, then Russia can undermine the response and retaliate. If a lot of countries act at once, then they're all mostly safe from retaliation.

Russia's invasion of Ukraine provided a coordination point and a ready-made justification for everyone with a grudge to strike at Russia. I think we're probably going to see conflict between Western powers and Russia open up on more fronts, some of which will be unexpected, and some of which will not be initiated by Russia.

(Crosspost with Facebook: https://www.facebook.com/jimrandomh/posts/10107781589139785)

I've been writing a series of posts about nutrition, trying to consistently produce one post per day. The post I had in mind for today grew in scope by enough that I can't finish it in time, so this seems like an opportune day for a meta-post about the series.

My goal, in thinking and writing about nutrition, is to get the field unstuck. This means I'm interested in solving the central mysteries, and in calling attention to blind spots. I'm primarily writing for a sophisticated audience, and I'm making little to no attempt to cover the basics. I'm not going to do the sort of literature review that goes through all the vitamins and minerals in order, saying approximately the same things Wikipedia says about each of them. There are enough of those out there already. If you're just trying to figure out how to lose weight, then these posts will be interesting, they will probably give you a perspective that makes evaluating other sources a lot easier, but my posts will not be optimized for solving your problem directly.

I have the reliability-vs-generativity-tradeoff slider set all the way to "generativity". It would be very surprising if I finished this post series without saying anything untrue. I will not repeat this epistemic status on every post, but this epistemic status does apply to all of them.

Obesity and weight loss will come up a lot in my writing, because the obesity epidemic is this big conspicuous mystery that a lot of people have studied a lot about, and it's somewhat central and connected to other subtics within nutrition. But it's not really what I care about, except insofar as it affects productivity and general health.

I haven't been putting content warnings at the top of my posts. I'm going to start.

There's the obvious content warning, which is that some people with certain classes of eating disorders don't want to read about food or nutrition in general, or only want to read about it when they're at their best, because thinking about the topic makes them stress about the topic which makes them do dumb things. I think that the particular ideas I have to present are probably net-good for most such people, but they probably want to make a conscious choice about whether and when to read my posts, and I don't want them to have to unfollow me.

The second warning is that I'm making little to no effort to cover the basics, and by that I mean I'm not going to reliably provide the warnings-away-from-spectacular-failures that mainstream nutrition advice focuses on. If I imagine my posts in a grocery-store checkout aisle magazine, being read by average people, I think some of those people might die. So, watch out. If you manage to give yourself scurvy, this will be your own fault, and I will call you a scallywag.

Last piece of meta: I'm posting these as I go with minimal editing, but there will probably be a more polished second-pass version of some sort in the future. If you're curious about my nutrition thoughts but feel no urgency, then it might be worth waiting for it.

(Crossposted on Facebook)

One of the reasons I worry about cybersecurity, and the sorry state it's in, is that it provides an easy path for human-level and even infrahuman-level AIs to acquire additional computation. In some plausible worlds, this turns a manageable infrahuman AI into an unmanageable superintelligence, when the creator's decision would have been not to launch.

Unlike solving protein-design and constructing nanobots, this is something definitely within reach of human-level intelligence; many people have done it for ordinary criminal purposes, like mining cryptocurrency.

Current cybersecurity research incentives don't seem quite right for getting people to mitigate this risk. If I were trying to stop an AI from taking over the internet and using the extra hardware to make itself superintelligent, I would worry a lot less about protecting user data, phones and whatnot, and worry a lot more about protecting software developer workstations in particular.

It's looking likely that the pandemic will de facto end on the Summer Solstice.

Biden promised vaccine availability for everyone on May 1st. May 1st plus two weeks to get appointments plus four weeks spacing between two doses of Moderna plus one week waiting for full effectiveness, is June 19. The astronomical solstice is June 20, which is a Sunday.

Things might not go to plan, if the May 1st vaccine-availability deadline is missed, or a vaccine-evading strain means we have to wait for a booster. No one's organizing the details yet, as far as I know. But with all those caveats aside:

It's going to be a hell of a party.

Twitter is an unusually angry place. One reason is that the length limit makes people favor punchiness over tact. A less well-known reason is that in addition to notifying you when people like your own tweets, it gives a lot of notifications for people liking replies to you. So if someone replies to disagree, you will get a slow drip of reminders, which will make you feel indignant.

LessWrong is a relatively calm place, because we do the opposite: under default settings, we batch upvote/karma-change notifications together to only one notification per day, to avoid encouraging obsessive-refresh spirals.

Some software costs money. Some software is free. Some software is free, with an upsell that you might or might not pay for. And some software has a negative price: not only do you not pay for it, but someone third party is paid to try to get you to install it, often on a per-install basis. Common examples include:

• Unrelated software that comes bundled with software you're installing, which you have to notice and opt out of
• Software advertised in banner ads and search engine result pages
• CDs added to the packages of non-software products

This category of software is frequently harmful, but I've never seen the it called out by the economic definition. For laypeople, about 30% of computer security is recognizing the telltale signs of this category of software, and refusing to install it.

Q: Why did the chicken cross the road?

A: We both know that you don't know of any specific chicken having crossed any specific road. Your question does not state a lie, but presupposes it. This would not be called out as a lie under ordinary social convention, but a deep commitment to truth requires occasionally flagging things like this.

Presuppositions are things which aren't stated directly, but which are implied by an utterance because if they weren't true, the utterance would be nonsensical. Presuppositions that aren't truth-optimized can be surprisingly pernicious.

I have not only told you a joke, I have also told you that chickens live in contexts where they can interact with roads, are motile, and are capable of having motivations. I have told you these things in a way that bypasses some of your epistemic defenses. Some of these things are true, and some are false. I didn't tell you these things on purpose, but they were communicated nevertheless.

I think that explicitly unpacking presuppositions, and spotting the questionable ones, is a foundational skill of rationality that I've never seen expressed. I also suspect some other techniques might be warped versions of this one. For example, there's a lot of overlap between the ontology of frames, and what you get if you unpack presuppositions, but presupposition-truth is much more concrete.

(Crossposted with Facebook: link)

Our past beliefs affect what we pay attention to, how we prioritize our skepticism, and how we interpret ambiguous evidence. This can create belief basins, where there are multiple sets of beliefs that reinforce each other, appear internally consistent, and make it hard to see the other basins as valid possibilities. On the topic of nutrition, I seem to have found myself in a different basin. I've looked through every nonstandard lens I could find, repeatedly applied skepticism, and firmly committed to not make the same mistakes everyone else is making (as a priority on par with not making mistakes at all). I've arrived at a set of beliefs that, as far as I can tell, is internally consistent, reasonably compelling from the inside, and completely contrary to what most other people in our culture think.

This makes for a difficult writing project. When I try to argue nonstandard positions, many of the arguments are tendrils reaching into other nonstandard positions. I've finally managed to get into a post-every-day cadence; part of the key to that was accepting that sometimes those arguments will be dangling references. Hopefully after a month of this, the whole thing will cohere. If not, well, the fragments are pretty interesting too.

The most-common basin of nutrition theorizing centers on obesity, and on a particular theory of obesity which goes like this. Food, especially modern processed food, tastes good and is appealing. Some people, if they followed their urges, would eat too much or become obese, so they have to exert self control not to. Weight is a function of calorie intake and calorie expenditure ("calories in, calories out"), and expenditure is primarily a function of behavior. So if someone is trying to lose weight, and it isn't working, then they must be having willpower failures and eating more than they intend, or exercising less than they intend.

I currently think there are quite a lot of things wrong with this model, but today, I'd like to focus on one in particular. It's not the only or the most central objection, nor is it a particularly actionable model fragment. But it's an issue that's important to me in particular, and it's one of the wedges that moved into a different belief basin.

I am not obese, and have never set out to lose weight. But sometimes, I have overwhelming cravings for sugar. I would not be able to resist these cravings without great willpower.

If I ever did successfully resist one of those cravings, I would probably die.

I don't mean this figuratively, or in a heart-disease-years-later sort of way. I mean that if I get a powerful craving for sugar, and I don't promptly eat something that has sugar in it, then this will be a life-threatening medical emergency. This is because I have type 1 diabetes, and craving sugar is a symptom of low blood sugar, aka hypoglycemia. What T1 diabetes means, basically, is that I have to micromanage my blood sugar using insulin. Eating carbohydrates raises blood sugar, insulin lowers it, these need to be matched pretty precisely, and the whole thing is somewhat error prone. Too much insulin and blood sugar falls below 70mg/dL, and I get the sugar craving. I've never been below 40mg/dL, but people who do become mentally impaired, then lose consciousness, then die.

Under the usual theory of obesity, craving sugar would mean that I had been hijacked by the superstimulus of processed food, and that willpower was my defense against this hijacking. But actually, in this case, the craving is a safety mechanism. Sugar craving is to dangerous hypoglycemia as thirst is to dehydration.

With that example in mind, I started thinking about the double-digit percentage of people who drop out of weight-loss studies. And the much-larger percentage of people who start weight loss diets, privately resolved to continue until they reach a target weight, and stop early. What would happen to them, in the counterfactual world where the diet was enforced perfectly from outside, and willpower wasn't an issue? Whether they would lose weight, seems like very much the wrong question to ask.

(Crossposted on Facebook)

Lack-of-adblock is a huge mistake. On top of the obvious drain on attention, slower loading times everywhere, and surveillance, ads are also one of the top mechanisms by which computers get malware.

When I look over someone's shoulder and see ads, I assume they were similarly careless in their choice of which books to read.

There's an open letter at https://openletter.net/l/disrupting-deepfakes. I signed, but with caveats, which I'm putting here.

Background context is that I participated in building the software platform behind the letter, without a specific open letter in hand. It has mechanisms for sorting noteworthy signatures to the top, and validating signatures for authenticity. I expect there to be other open letters in the future, and I think this is an important piece of civilizational infrastructure.

I think the world having access to deepfakes, and deepfake-porn technology in particular, is net bad. However, the stakes are small compared to the upcoming stakes with superintelligence, which has a high probability of killing literally everyone.

If translated into legislation, I think what this does is put turnkey-hosted deepfake porn generation, as well as pre-tuned-for-porn model weights, into a place very similar to where piracy is today. Which is to say: The Pirate Bay is illegal, wget is not, and the legal distinction is the advertised purpose.

(Where non-porn deepfakes are concerned, I expect them to try a bit harder at watermarking, still fail, and successfully defend themselves legally on the basis that they tried.)

The analogy to piracy goes a little further. If laws are passed, deepfakes will be a little less prevalent than they would otherwise be, there won't be above-board businesses around it... and there will still be lots of it. I don't think there-being-lots-of-it can be prevented by any feasible means. The benefit of this will be the creation of common knowledge that the US federal government's current toolkit is not capable of holding back AI development and access, even when it wants to.

I would much rather they learn that now, when there's still a nonzero chance of building regulatory tools that would function, rather than later.

Some people have a sense of humor. Some people pretend to be using humor, to give plausible deniability to their cruelty. On April 1st, the former group becomes active, and the latter group goes quiet.

This is too noisy to use for judging individuals, but it seems to work reasonably well for evaluating groups and cultures. Humor-as-humor and humor-as-cover weren't all that difficult to tell apart in the first place, but I imagine a certain sort of confused person could be pointed at this in order to make the distinction salient.

Someone complained, in a meme, that tech companies building AI are targeting the wrong tasks: writing books, music, TV, but not the office drudge work, leading to a world in which the meaning-making creative pursuits are lost to humans. My reply to this is:

The order in which AI replaces jobs is discovered, not chosen. The problem is that most of the resources aren't going into "AI for writing books" or "automating cubicle jobs", they're going into more-abstract targets like "scaling transformers" and "collecting data sets".

How these abstract targets cash out into concrete tasks isn't easy to predict in advance, and, for AI accelerationists, doesn't offer many relevant degrees of freedom.

It's often said that in languages, the syllable-count of words eventually converges to something based on the frequency with which words are used, so that more-commonly-used concepts get words with fewer syllables.

There's an important caveat to this, which I have never seen stated anywhere: the effect is strongly weighted towards vocabulary used by children, especially small children. Hence why "ma", the lowest-entropy word, means mother in so many different languages, and why toddler-concepts are all monosyllables or twice-repeated monosyllables. So, for example. "probability" being 5 syllables isn't just a reflection of it being used, it's also a reflection of an (imo bad) societal judgement that people won't be ready for that word until they're adults.

There is a rumor of RSA being broken. By which I mean something that looks like a strange hoax made it to the front on Hacker News. Someone uploaded a publicly available WIP paper on integer factorization algorithms by Claus Peter Schnorr to the Cryptology ePrint Archive, with the abstract modified to insert the text "This destroyes the RSA cryptosystem." (Misspelled.)

Today is not the Recurring Internet Security Meltdown Day. That happens once every month or two, but not today in particular.

But this is a good opportunity to point out a non-obvious best practice around cryptographic key-sizes, which is this: Whatever key size is accepted as the standard, you want your SSH keys and your PGP keys to be one size bigger, so that if a gradually rising tide of mathematical advances causes a cryptography meltdown, you won't be caught in the wave where everyone else gets pwned at once.

So I recommend making sure, if you're using RSA for your SSH keys, that they are 4096-bit (as opposed to the current ssh-keygen default of 3072-bit).

COVID variants have mutated in the direction of faster spread and less immunity, as expected. They also seem to be mutating to higher disease severity, which was not expected. Why would that be, and should we expect this to continue?

My current theory is that the reason variants are more severe is because there's evolutionary pressure on a common factor that affects both severity and secondary attack rate, and that factor is viral replication rate.

In the initial stage of an infection, the number of virus-copies inside someone grows exponentially. If the spike protein mutates to get slightly more reliable, then the doubling time of that growth shrinks. Result: Increased viral shedding, decreased minimum infectious dose, increased severity.

I hypothesize that we're used to respiratory diseases evolving towards lower severity because, first, they've already maxed out this particular axis, and second, because they rely on people walking around in public while symptomatic, which they won't do if the disease is too severe.

This retrodicts that data pretty well, but I'm still really unsure whether severity in the future is going to rise or fall. One one hand: there's probably still room left to increase replication rate further, and the people-walking-around-if-mild transmission method isn't going to come back. On the other hand, COVID might reach (or already be in) a local optimum with respect to spike-protein efficiency, in which case selection for immune-evasion will mean evolving away from the most-efficient version.

(Crossposted with Facebook)

Looks like there's holiday-design discourse this week: https://astralcodexten.substack.com/p/a-columbian-exchange . Speaking as a veteran holiday designer (http://petrovday.com/), in my eyes, Columbus Day has already passed into the ranks of deprecated holidays. Not so much because Christopher Columbus was a bad person (though he was by all accounts quite terrible), but rather because no one has actually designed a rationality-culture version of it, and I find broad-American-culture holidays to be boring and uncompetitive.

Looking at Scott's list figures who could be given holidays, I think Edison and Salk have promise, and I would be enthusiastic about a good reinvention of MLK day which was updated to the present day and had a good nuanced take on things.

But I really hate the idea of giving Henrietta Lacks a holiday. Not because cancer research isn't important. Not because I think giving a cell culture is insufficiently virtuous, compared to the research itself. Rather, I think Henrietta Lacks should not be honored because I hold a grudge against HeLa, the microorganism that descends from her cancer. It is most famous not for its positive contributions to cancer research, but for invading and ruining cancer research on other cell lines. I don't think this kind of Petri-dish-invasion imperialism should be celebrated!

(Crossposted with Facebook here.)

Every so often, I post to remind everyone when it's time for the Periodic Internet Security Meltdown. For the sake of balance, I would like to report that, in my assessment, the current high-profile vulnerability Hertzbleed is interesting but does *not* constitute a Periodic Internet Security Meltdown.

Hertzbleed starts with the discovery that on certain x86-64 processors the bitwise left shift instruction uses a data-dependent amount of energy. Searching through a large set of cryptographic algorithms, they then find that SIKE (a cryptographic algorithm not in widespread use) has a data-dependent degenerate case in which a series of intermediate states are all zeroes, does some cryptanalysis, and turns this into a chosen-plaintext attack which creates a causal connection between the private key and the CPU's throttling level.

This is pretty neat, and there may be similar attacks against other cryptographic algorithms, but I think it's not going to amount to much in actual practice, because it has a constant-factors problem: it needs to heat up the target CPU and let it cool back down, and it only gets a tiny fraction of a bit of the private key each time. I haven't done the analysis, but my expectation is that in more common situations (ie not SIKE), the amount of traffic required to extract a full key is going to be literally astronomical.

On October 26, 2020, I submitted a security vulnerability report to the Facebook bug bounty program. The submission was rejected as a duplicate. As of today (April 14), it is still not fixed. I just resubmitted, since it seems to have fallen through the cracks or something. However, I consider all my responsible disclosure responsibilities to be discharged.

Once an Oculus Quest or Oculus Quest 2 is logged in to a Facebook account, its login can't be revoked. There is login-token revocation UI in Facebook's Settings>Security and Login menu, but changing the account password and revoking the login there does not work.

One practical impact of this is that if your Facebook account is ever compromised, and the attacker uses this vulnerability, they have permanent access.

The other practical impact is that if someone has unsupervised access to your unlocked Quest headset, and they use the built-in web browser to go to facebook.com, they have full access to your Facebook account, including Messenger, without having to do anything special at all. This means that if you've ever made a confidentiality agreement regarding something you discussed on Facebook Messenger, you probably can't lend your headset to anyone, ever.

Additionally, the lock-screen on the Oculus Quest 2 does not have a strict enough rate limit; it gives unlimited tries at 2/minute, so trying all lock-screen combinations takes approximately 35 days. This can be done without network access, and can be automated with some effort. So if someone steals a *locked* Oculus Quest 2, they can also use that to break into your Facebook account. There is almost certainly a much faster way to do this involving disassembling the device, but this is bad enough.

The Diamond Princess cohort has 705 positive cases, of which 4 are dead and 36 serious or critical. In China, the reported ratio of serious/critical cases to deaths is about 10:1, so figure there will be 3.6 more deaths. From this we can estimate a case fatality rate of 7.6/705 ~= 1%. Adjust upward to account for cases that have not yet progressed from detection to serious, and downward to account for the fact that the demographics of cruise ships skew older. There are unlikely to be any undetected cases in this cohort.

(This is a reply to the "Induction Bump" Phase Change video by Catherine Olsson and the rest of Anthropic. I'm writing it here instead of as a YouTube comment because YouTube comments aren't a good place for discussion.)

(Epistemic status: Speculative musings I had while following along, which might be useful for inspiring future experiments, or surfacing my own misunderstandings, and possibly duplicating ideas found in prior work which I have not surveyed.)

The change-in-loss sample after the bump (at 19:10) surprised me. As you say, it seemed to get noticeably better at things that correspond to bigram rules (or bigrammish rules). I was expecting the improvement to be in something that, in some sense, requires metalearning; whereas (if I'm understanding correctly), a depth-1 network would be able to start learning these particular bigrams starting on the very first training step. If this does correspond to learning bigrams, what could explain the delay before learning these particular bigrams starts?

My speculative guess is that there's a pattern where some learnable features have stronger gradients than others, and that training a multi-layer (but not a single layer) network proceeds in stages where first (a) multiple layer-1 nodes race to learn a function (loss falls rapidly), then (b) layer-2 nodes figure out which layer-1 nodes won the race and sever their connections to the ones that didn't (loss falls slowly), and then (c) the freed-up layer-1 neurons move on to learning something else (loss falls rapidly again). Under this hypothesis, "the bump" corresponds to part of this sequence.

This seems to match what we see in the graph at 30:20. In that graph (which is training-step vs induction score for selected nodes in layer 1), some of the nodes go to 1, and some of the nodes start going to 1, then reverse direction shortly after the first set of nodes hits their asymptote. This is what you'd expect to see if the nodes that reverse direction were headed towards being duplicates of nodes that didn't, but which lost the race and then got repurposed.

This seems like it might be a useful microcosm for studying the behavior of redundant nodes in general. (We know large networks have a lot of redundancy because SqueezeNets work). One major worry about neural-net transparency is that we might end up in a state where we can inspect neural nets and find things that are there, but that the methods that do that won't be able to assert that things *aren't* there. Concretely, this might look like finding nodes that track an unwanted concept, pinning or ablating those nodes, and then finding that the concept still presented due via duplicate nodes or via an off-basis aggregation of nodes that seem unrelated.