Skip to main content

The Spread of False Information through LLMs

 


A new paper, 'A Drop of Ink may Make a Million Think: The Spread of False Information in Large Language Models', from the School of Computer Science and Technology, University of Chinese Academy of Sciences, Beijing, and the Institute of Software, Chinese Academy of Sciences, Beijing. 

The presence of false information on the internet and in the text corpus poses a significant risk to the reliability and safety of LLMs. This paper investigates how false information spreads in LLMs and affects related responses. The authors conducted a series of experiments to study the effects of source authority, injection paradigm, and information relevance. They found that false information can spread and contaminate related memories in LLMs, and that LLMs are more likely to follow false information presented in a trustworthy style. The authors conclude that new false information defense algorithms are needed to address the global impact of false information, and that new alignment algorithms are needed to unbiasedly lead LLMs to follow internal human values rather than superficial patterns.

Key points from the paper:

  • False information can spread and contaminate related memories in LLMs.
  • LLMs are more likely to follow false information presented in a trustworthy style.
  • Current LLMs are more sensitive to false information through in-context injection than through learning-based injection.
  • The findings of this paper raise the need for new false information defense algorithms and new alignment algorithms.

False information will spread and contaminate related memories in LLMs via a semantic diffusion process, i.e., false information has global detrimental effects beyond its direct impact. The extent of pollution is contingent on the semantic association between the false information and the memory in the LLMs..., both ChatGPT and Alpaca-LLaMA exhibit significant drops in accuracy on all types of questions when exposed to false information.
ChatGPT’s accuracy drops to only 48.33% and 57.70% on indirect and peripheral questions, compared to over 95% accuracies without false information. 

The paper only serves to highlight the issues of transparency in the data fed to LLMs, are you listening Google (and others)? This will be less of an issue for Open Source LLMs as they are transparent about the models.

 

Comments

Popular posts from this blog

The Whispers in the Machine: Why Prompt Injection Remains a Persistent Threat to LLMs

 Large Language Models (LLMs) are rapidly transforming how we interact with technology, offering incredible potential for tasks ranging from content creation to complex analysis. However, as these powerful tools become more integrated into our lives, so too do the novel security challenges they present. Among these, prompt injection attacks stand out as a particularly persistent and evolving threat. These attacks, as one recent paper (Safety at Scale: A Comprehensive Survey of Large Model Safety https://arxiv.org/abs/2502.05206) highlights, involve subtly manipulating LLMs to deviate from their intended purpose, and the methods are becoming increasingly sophisticated. At its core, a prompt injection attack involves embedding a malicious instruction within an otherwise normal request, tricking the LLM into producing unintended – and potentially harmful – outputs. Think of it as slipping a secret, contradictory instruction into a seemingly harmless conversation. What makes prompt inj...

The Future of Work in the Age of AGI: Opportunities, Challenges, and Resistance

 In recent years, the rapid advancement of artificial intelligence (AI) has sparked intense debate about the future of work. As we edge closer to the development of artificial general intelligence (AGI), these discussions have taken on a new urgency. This post explores various perspectives on employment in a post-AGI world, including the views of those who may resist such changes. It follows on from others I've written on the impacts of these technologies. The Potential for Widespread Job Displacement Avital Balwit, an employee at Anthropic, argues in her article " My Last Five Years of Work " that AGI is likely to cause significant job displacement across various sectors, including knowledge-based professions. This aligns with research by Korinek (2024), which suggests that the transition to AGI could trigger a race between automation and capital accumulation, potentially leading to a collapse in wages for many workers. Emerging Opportunities and Challenges Despite the ...

Can We Build a Safe Superintelligence? Safe Superintelligence Inc. Raises Intriguing Questions

  Safe Superintelligence Inc . (SSI) has burst onto the scene with a bold mission: to create the world's first safe superintelligence (SSI). Their (Ilya Sutskever, Daniel Gross, Daniel Levy) ambition is undeniable, but before we all sign up to join their "cracked team," let's delve deeper into the potential issues with their approach. One of the most critical questions is defining "safe" superintelligence. What values would guide this powerful AI? How can we ensure it aligns with the complex and often contradictory desires of humanity?  After all, "safe" for one person might mean environmental protection, while another might prioritise economic growth, even if it harms the environment.  Finding universal values that a superintelligence could adhere to is a significant hurdle that SSI hasn't fully addressed. Another potential pitfall lies in SSI's desire to rapidly advance capabilities while prioritising safety.  Imagine a Formula One car wi...