Biz & IT

A powerful spyware app now targets iPhone owners

Security researchers have discovered a powerful surveillance app first designed for Android devices can now target victims with iPhones.

The spy app was found by researchers at mobile security firm Lookout, who said its developer abused its Apple-issued enterprise certificate to bypass the tech giant’s app store and infect unsuspecting victims.

Once installed, the app, disguised as a carrier assistance app, can silently grab a victim’s contacts, audio recordings, photos, videos and other device information, including their real-time location data. It can be remotely triggered to listen in on people’s conversations, the researchers found. Although there was no data to show who might have been targeted, the researchers noted that the malicious app was served from fake sites purporting to be cell carriers in Italy and Turkmenistan.

Researchers linked the app to the makers of a previously discovered Android app, developed by the same Italian surveillance app maker Connexxa, known to be in use by the Italian authorities.

The Android app, dubbed Exodus, ensnared hundreds of victims — either by installing it or having it installed. Exodus had a larger feature set and expanded spying capabilities by downloading an additional exploit designed to gain root access to the device, giving the app near complete access to a device’s data, including emails, cellular data, Wi-Fi passwords and more, according to Security Without Borders.

Screenshots of the ordinary-looking iPhone app, which was silently uploading a victim’s private data and real-time location to the spyware company’s servers (Image: supplied)

Both of the apps use the same backend infrastructure, while the iOS app used several techniques — like certificate pinning — to make it difficult to analyze the network traffic, Adam Bauer, Lookout’s senior staff security intelligence engineer, told TechCrunch.

“This is one of the indicators that a professional group was responsible for the software,” he said.

Although the Android version was downloadable directly from Google’s app store, the iOS version was not widely distributed. Instead, Connexxa signed the app with an enterprise certificate issued to the developer by Apple, said Bauer, allowing the surveillance app maker to bypass Apple’s strict app store checks.

Apple says that’s a violation of its rules, which prohibit these certificates, intended strictly for internal apps, from being used to push apps to consumers.

It follows a similar pattern to several app makers, as discovered by TechCrunch earlier this year, which abused their enterprise certificates to distribute mobile apps that evaded the scrutiny of Apple’s app store. Every app served through an app store has to be certified by Apple or it won’t run. But several companies, like Facebook and Google, used their enterprise-only certificates to sign apps given to consumers. Apple said this violated its rules and banned the apps by revoking the enterprise certificates used by Facebook and Google, knocking both of their illicit apps offline, but also every other internal app signed with the same certificate.

Facebook was unable to operate at full capacity for an entire working day until Apple issued a new certificate.

The certificate Apple issued to Connexxa (Image: supplied)

But Facebook and Google weren’t the only companies abusing their enterprise certificates. TechCrunch found dozens of porn and gambling apps — not permitted on Apple’s app store — signed with an enterprise certificate, circumventing the tech giant’s rules.

After researchers disclosed their findings, Apple revoked the app maker’s enterprise certificate, knocking every installed copy of the app offline and leaving it unable to run.

The researchers said they did not know how many Apple users were affected.

Connexxa did not respond to a request for comment. Apple did not comment.


Fearing “loss of control,” AI critics call for 6-month pause in AI development

An AI-generated image of a globe that has stopped spinning (Image: Stable Diffusion)

On Wednesday, the Future of Life Institute published an open letter on its website calling on AI labs to “immediately pause for at least 6 months the training of AI systems more powerful than GPT-4.” Signed by Elon Musk and several prominent AI researchers, the letter quickly began to draw attention in the press—and some criticism on social media.

Earlier this month, OpenAI released GPT-4, an AI model that can perform compositional tasks and allegedly pass standardized tests at a human level, although those claims are still being evaluated by researchers. Regardless, the advancement in capabilities of GPT-4 and Bing Chat over previous AI models spooked some experts who believe we are heading toward super-intelligent AI systems faster than previously expected.

Along these lines, the Future of Life Institute argues that recent advancements in AI have led to an “out-of-control race” to develop and deploy AI models that are difficult to predict or control. They believe that the lack of planning and management of these AI systems is concerning and that powerful AI systems should only be developed once their effects are well-understood and manageable. As they write in the letter:

AI systems with human-competitive intelligence can pose profound risks to society and humanity, as shown by extensive research and acknowledged by top AI labs. As stated in the widely-endorsed Asilomar AI Principles, Advanced AI could represent a profound change in the history of life on Earth, and should be planned for and managed with commensurate care and resources.

In particular, the letter poses four loaded questions, some of which presume hypothetical scenarios that are highly controversial in some quarters of the AI community, including the loss of “all the jobs” to AI and “loss of control” of civilization:

  • “Should we let machines flood our information channels with propaganda and untruth?”
  • “Should we automate away all the jobs, including the fulfilling ones?”
  • “Should we develop nonhuman minds that might eventually outnumber, outsmart, obsolete, and replace us?”
  • “Should we risk loss of control of our civilization?”

To address these potential threats, the letter calls on AI labs to “immediately pause for at least 6 months the training of AI systems more powerful than GPT-4.” During the pause, the authors propose that AI labs and independent experts collaborate to establish shared safety protocols for AI design and development. These protocols would be overseen by independent outside experts and should ensure that AI systems are “safe beyond a reasonable doubt.”

However, it’s unclear what “more powerful than GPT-4” actually means in a practical or regulatory sense. The letter does not specify a way to ensure compliance by measuring the relative power of a multimodal or large language model. In addition, OpenAI has specifically avoided publishing technical details about how GPT-4 works.

The Future of Life Institute is a nonprofit founded in 2014 by a group of scientists concerned about existential risks facing humanity, including biotechnology, nuclear weapons, and climate change. In addition, the hypothetical existential risk from AI has been a key focus for the group. According to Reuters, the organization is primarily funded by the Musk Foundation, London-based effective altruism group Founders Pledge, and Silicon Valley Community Foundation.

Notable signatories to the letter confirmed by a Reuters reporter include the aforementioned Tesla CEO Elon Musk, AI pioneers Yoshua Bengio and Stuart Russell, Apple co-founder Steve Wozniak, Stability AI CEO Emad Mostaque, and author Yuval Noah Harari. The open letter is available for anyone on the Internet to sign without verification, which initially led to the inclusion of some falsely added names, such as former Microsoft CEO Bill Gates, OpenAI CEO Sam Altman, and fictional character John Wick. Those names were later removed.

Ransomware crooks are exploiting IBM file exchange bug with a 9.8 severity

Threat actors are exploiting a critical vulnerability in an IBM file-exchange application in hacks that install ransomware on servers, security researchers have warned.

The IBM Aspera Faspex is a centralized file-exchange application that large organizations use to transfer large files or large volumes of files at very high speeds. Rather than relying on TCP-based technologies such as FTP to move files, Aspera uses IBM’s proprietary FASP—short for Fast, Adaptive, and Secure Protocol—to better utilize available network bandwidth. The product also provides fine-grained management that makes it easy for users to send files to a list of recipients in distribution lists or shared inboxes or workgroups, giving transfers a workflow that’s similar to email.

In late January, IBM warned of a critical vulnerability in Aspera versions 4.4.2 Patch Level 1 and earlier and urged users to install an update to patch the flaw. Tracked as CVE-2022-47986, the vulnerability makes it possible for unauthenticated threat actors to remotely execute malicious code by sending specially crafted calls to an outdated programming interface. The ease of exploiting the vulnerability and the damage that could result earned CVE-2022-47986 a severity rating of 9.8 out of a possible 10.

On Tuesday, researchers from security firm Rapid7 said they recently responded to an incident in which a customer was breached using the vulnerability.

“Rapid7 is aware of at least one recent incident where a customer was compromised via CVE-2022-47986,” company researchers wrote. “In light of active exploitation and the fact that Aspera Faspex is typically installed on the network perimeter, we strongly recommend patching on an emergency basis, without waiting for a typical patch cycle to occur.”

According to other researchers, the vulnerability is being exploited to install ransomware. Sentinel One researchers, for instance, said recently that a ransomware group known as IceFire was exploiting CVE-2022-47986 to install a newly minted Linux version of its file-encrypting malware. Previously, the group pushed only a Windows version that got installed using phishing emails. Because phishing attacks are harder to pull off on Linux servers, IceFire pivoted to the IBM vulnerability to spread its Linux version. Researchers have also reported the vulnerability is being exploited to install ransomware known as Buhti.

As noted earlier, IBM patched the vulnerability in January. IBM republished its advisory earlier this month to ensure no one missed it. People who want to better understand the vulnerability and how to mitigate potential attacks against Aspera Faspex servers should check the posts from security firms Assetnote and Rapid7.

Generative AI set to affect 300 million jobs across major economies

The latest breakthroughs in artificial intelligence could lead to the automation of a quarter of the work done in the US and eurozone, according to research by Goldman Sachs.

The investment bank said on Monday that “generative” AI systems such as ChatGPT, which can create content that is indistinguishable from human output, could spark a productivity boom that would eventually raise annual global gross domestic product by 7 percent over a 10-year period.

But if the technology lived up to its promise, it would also bring “significant disruption” to the labor market, exposing the equivalent of 300 million full-time workers across big economies to automation, according to Joseph Briggs and Devesh Kodnani, the paper’s authors. Lawyers and administrative staff would be among those at greatest risk of becoming redundant.

They calculate that roughly two-thirds of jobs in the US and Europe are exposed to some degree of AI automation, based on data on the tasks typically performed in thousands of occupations.

Most people would see less than half of their workload automated and would probably continue in their jobs, with some of their time freed up for more productive activities.

In the US, this should apply to 63 percent of the workforce, they calculated. A further 30 percent working in physical or outdoor jobs would be unaffected, although their work might be susceptible to other forms of automation.

But about 7 percent of US workers are in jobs where at least half of their tasks could be done by generative AI and are vulnerable to replacement.

Goldman said its research pointed to a similar impact in Europe. At a global level, since manual jobs are a bigger share of employment in the developing world, it estimates about a fifth of work could be done by AI—or about 300 million full-time jobs across big economies.

The report will stoke debate over the potential of AI technologies both to revive the rich world’s flagging productivity growth and to create a new class of dispossessed white-collar workers, who risk suffering a similar fate to that of manufacturing workers in the 1980s.

Goldman’s estimates of the impact are more conservative than those of some academic studies, which included the effects of a wider range of related technologies.

A paper published last week by OpenAI, the creator of GPT-4, found that 80 percent of the US workforce could see at least 10 percent of their tasks performed by generative AI, based on analysis by human researchers and the company’s own large language model (LLM).

Europol, the law enforcement agency, also warned this week that rapid advances in generative AI could aid online fraudsters and cyber criminals, so that “dark LLMs… may become a key criminal business model of the future.”

Goldman said that if corporate investment in AI continued to grow at a similar pace to software investment in the 1990s, US investment alone could approach 1 percent of US GDP by 2030.

The Goldman estimates are based on an analysis of US and European data on the tasks typically performed in thousands of different occupations. The researchers assumed that AI would be capable of tasks such as completing tax returns for a small business; evaluating a complex insurance claim; or documenting the results of a crime scene investigation.

They did not envisage AI being adopted for more sensitive tasks such as making a court ruling, checking the status of a patient in critical care, or studying international tax laws.

© 2023 The Financial Times Ltd. All rights reserved. Not to be redistributed, copied, or modified in any way.
