Automated tools can strip safety safeguards from powerful open-source language models within minutes. Tests found that a “decensored” version of a model provided instructions for an indoor chlorine gas attack, created credit card stealing malware, and generated stories describing child sexual abuse. Another model’s guardrails were removed in under ten minutes, allowing answers about ricin dosage for killing someone based on body mass. The modifications were performed using Heretic, a freely available GitHub tool requiring little technical expertise and no specialized hardware. Heretic removes censorship by ablating refusal directions that block harmful requests, and it operates completely automatically. The tool has been used to generate thousands of decensored model variants since its release.
"In tests conducted by the FT and the AI safety group Alice, a "decensored" version of Google's Gemma 3 model gave instructions on how to carry out an indoor chlorine gas attack, created a virus for stealing credit card information, and generated stories that described child sexual abuse. And it took less than ten minutes to strip the guardrails from Meta's Llama 3.3 model, freeing the AI to answer questions such as the precise dosage of ricin needed to kill someone based on their body mass."
"These modifications were carried out using a tool called Heretic, which is freely available on the code repository GitHub and requires little technical expertise and no specialist hardware. "Whereas historically it might have taken a more informed and persistent actor [to strip out safety features], nowadays it's much easier for the average person," Kawin Ethayarajh, assistant professor of applied AI at the University of Chicago's Booth business school, told the FT."
"Heretic is described as a "tool that removes censorship (aka 'safety alignment') from transformer-based language models without expensive post-training." What it does is "abliteration": it seeks out a model's directions that refuse harmful requests and removes them. What makes Heretic so powerful is that it does all this "completely automatically," according to its GitHub page."
"Its creator Philipp Emanuel Weidmann told the FT that Heretic has been used to create more than 3,500 "decensored" models since its release late last year, with those models being downlo"
Read at Futurism
Unable to calculate read time
Collection
[
|
...
]