LessWrong (Curated & Popular)

“Recent AI model progress feels mostly like bullshit” by lc

Mar 25, 2025

The discussion dives into the skeptical view of recent advancements in AI, particularly in cybersecurity. There’s a compelling exploration of whether AI benchmarks genuinely reflect practical performance or if they’re just a facade. Concerns about AI's real-world utility and alignment challenges are addressed. The conversation critiques traditional evaluation metrics, pushing for assessments grounded in actual applications. Additionally, the pitfalls of integrating AI with an emphasis on over-reporting security issues take center stage.

14:29

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The evaluation benchmarks currently used for AI in cybersecurity are often insufficient, failing to reflect real-world complexities and practical utility.

Despite advancements in AI model releases, developers in cybersecurity report minimal improvement in practical performance, highlighting a disconnect between lab results and real-world applications.

Deep dives

Challenges in AI Model Evaluation

There is significant concern regarding the evaluation benchmarks used for AI models in cybersecurity, particularly for application pentesting. Existing public benchmarks tend to focus on isolated code samples or challenges that do not accurately reflect real-world scenarios, making it difficult to assess the effectiveness of AI in navigating complex codebases. The lack of comprehensive evaluation metrics means that while individual models may perform well on traditional benchmarks, this does not translate into practical utility for detecting vulnerabilities in extensive code repositories. This disconnect raises questions about the true capabilities of these models and their readiness for deployment in real-world security contexts.

Intro

7min

Skepticism on AI Benchmarks and Their True Reflective Power

2min

Evaluating AI Capabilities Beyond Standardized Metrics

2min

Navigating the Challenges of Security in AI Integration

3min

About nine months ago, I and three friends decided that AI had gotten good enough to monitor large codebases autonomously for security problems. We started a company around this, trying to leverage the latest AI models to create a tool that could replace at least a good chunk of the value of human pentesters. We have been working on this project since since June 2024.

Within the first three months of our company's existence, Claude 3.5 sonnet was released. Just by switching the portions of our service that ran on gpt-4o, our nascent internal benchmark results immediately started to get saturated. I remember being surprised at the time that our tooling not only seemed to make fewer basic mistakes, but also seemed to qualitatively improve in its written vulnerability descriptions and severity estimates. It was as if the models were better at inferring the intent and values behind our [...]

---

Outline:

(04:44) Are the AI labs just cheating?

(07:22) Are the benchmarks not tracking usefulness?

(10:28) Are the models smart, but bottlenecked on alignment?

---

First published:
March 24th, 2025

Source:
https://www.lesswrong.com/posts/4mvphwx5pdsZLMmpY/recent-ai-model-progress-feels-mostly-like-bullshit

---

Narrated by TYPE III AUDIO.

---

Images from the article:

A scene showing a person in a suit questioning something skeptically.

Apple Podcasts and Spotify do not show images in the episode description. Try Pocket Casts, or another podcast app.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

LessWrong (Curated & Popular)

“Recent AI model progress feels mostly like bullshit” by lc

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Challenges in AI Model Evaluation

Discrepancies Between Benchmarks and Performance

The Importance of Contextual Adaptation in AI

Remember Everything You Learn from Podcasts