Price:

AI & TECH

Kolter reveals AI safety committee can veto OpenAI model launches

Sunday, May 17, 2026 · from 5 podcasts
All-InHard ForkPeter McCormack ShowThe EconomistThe MAD Podcast with Matt…
  • OpenAI’s safety committee has veto power to stop model releases if risks are too high.
  • The Trump administration reversed its stance after seeing models find zero-day exploits in minutes.
  • Critics dismiss current safeguards as ‘safetywashing’ and call extinction nearly inevitable.

AI safety efforts are escalating, but experts debate whether they’re substantive or superficial.

OpenAI board member Zico Kolter chairs its Safety and Security Committee, which functions as an audit board. He said on The MAD Podcast that if safety reviews show a model fails to meet catastrophic risk thresholds - like in biology or autonomous self-improvement - the committee can stall its release. Kolter argued safety doesn’t scale automatically with compute; it requires explicit training separate from capabilities.

“Capabilities scale with compute, but safety does not. Robustness is a separate engineering challenge that requires specific post-training and architectural guardrails.”

- Zico Kolter, The MAD Podcast with Matt Turck

This formal oversight contrasts with stark criticism from other researchers. Roman Yampolskiy, on The Peter McCormack Show, dismissed corporate safety work as theater. He said developers chasing trillion-dollar incentives merely ‘safetywash’ products with surface-level filters that hide a model’s internal goals. Yampolskiy estimates the probability of superintelligent AI causing human extinction as extremely high, using a figure with ‘a lot of nines’.

The debate gained urgency as AI’s tangible risks materialized. Hard Fork reported the Trump administration abandoned its anti-regulation stance after a classified briefing on Anthropic’s Mythos model, which can find novel vulnerabilities and daisy-chain exploits. Officials who mocked pre-release testing are now drafting orders to implement it.

Arthur Holland-Michel of The Intelligence warned AI acts as an expert tutor, compressing years of team-based research into a solo project for a skilled biologist. He said refusal mechanisms are easily bypassed, leaving regulatory fixes flimsy.

Kolter’s layered defense - combining safety training, monitoring, and minimal agent permissions - aims to address this. But the divide remains: institutional oversight versus a belief that control is a temporary illusion.

“Control is a temporary illusion held while agents are dumber than their creators. Superintelligence is inherently uncontainable.”

- Roman Yampolskiy, The Peter McCormack Show

The policy response is fragmented. Hard Fork noted a turf war between agencies and that the Pentagon both designated Anthropic a supply chain risk and implemented Mythos to scan for vulnerabilities. Germany now demands access to state-of-the-art models for its own safety institute.

As agents introduce new risks like prompt injection, and markets ignore geopolitical shocks because traditional safe havens are broken, the pressure to act - or pretend to act - only grows.

#Models#Safety#Regulation
AnthropicOpenAIPentagonGermany

Source Intelligence

- Deep dive into what was said in the episodes

All-In with Chamath, Jason, Sacks & Friedberg
All-In with Chamath, Jason, Sacks & Friedberg

Trump-Xi Summit, Benioff: "Not My First SaaSpocalypse," OpenAI vs Apple, Multi-Sensory AI, El NiñoMay 15

Also from this episode: (16)

Politics (5)

  • The Trump-Xi summit is the first U.S. presidential visit to China since 2017 and their seventh face-to-face meeting.
  • China agreed the Strait of Hormuz should remain open without military commitment and that Iran should not obtain nuclear weapons.
  • Polymarket traders place only a 6% chance of China invading Taiwan in 2024, but a 17% chance by the end of 2027.
  • President Xi committed to buying more U.S. soybeans, oil, LNG, and 200 Boeing jets during the summit.
  • David Friedberg argues economic entanglement is the surest path to U.S.-China detente, as bidirectional trade replaces the previous one-way flow of cheap Chinese goods.

Big Tech (1)

  • Mark Benioff says Salesforce operates in China solely through an exclusive partnership with Alibaba to comply with data residency laws, with no offices or employees in the country.

AI & Tech (5)

  • Benioff calls Elon Musk the world's greatest salesman for operating Tesla in China with no local partnership, a unique arrangement where American-made AI cars with cameras drive freely.
  • Benioff argues the latest AI chips are irrelevant for Chinese competitiveness, as their models are already excellent and fast-following U.S. developments within six months.
  • David Friedberg contends technology proliferation increases global productivity and reduces conflict, arguing against withholding advanced chips from China.
  • Chamath Palihapitiya predicts Taiwan's strategic importance to the U.S. will diminish within 18 months as domestic chip fab capacity scales and new nanometer-scale manufacturing tech emerges.
  • Chamath Palihapitiya supports Anthropic's move to negate layered SPVs, calling them a recipe for disaster with double carry and 10% load-in fees, and argues companies should go public sooner to rationalize their equity.

Enterprise (4)

  • Mark Benioff dismisses the 'SaaS-pocalypse' fear, noting the top 10 enterprise software companies posted great quarters but are now trading at two times sales due to AI hype.
  • Salesforce expects over $46 billion in revenue this year, generates more than $16 billion in cash flow, and has over 83,000 employees.
  • Chamath Palihapitiya argues low-end SaaS is finished but large monoliths like Salesforce are safe, citing OpenAI's $4 billion deal to build an AI services competitor to firms like Ernst & Young as proof enterprise integration is harder than prompting.
  • Benioff says Salesforce will spend $300 million on Anthropic tokens this year to power coding agents, but believes an intermediary layer is needed to route queries efficiently and avoid unnecessary costs.

Climate (1)

  • David Friedberg forecasts a record-shattering El Niño will release 11 million terawatt-hours of stored ocean energy, leading to the hottest year on record and potential crop failures in Brazil, Australia, and India.
#Macro#Big Tech#Trade#Agents#Markets
Hard Fork
Hard Fork

Casey Newton

A.I. Safety Is So Back + Mythos Mayhem with Nikesh Arora + Hot Mess ExpressMay 15

  • The Trump administration is considering a new executive order to establish an AI working group and pre-release government review for frontier models, reversing its earlier stance dismissing AI safety.
  • Anthropic's Claude Mythos model, previewed to select federal agencies, can find novel vulnerabilities in code across many programs and daisy-chain exploits, triggering the administration's shift.
  • A turf war exists within the Trump administration between the renamed Center for AI Standards and Innovation (formerly U.S. AI Safety Institute) advocating for vetting and factions wanting intelligence agencies or a laissez-faire approach.
  • Germany's digital affairs agency proposed establishing its own version of a U.S.-style AI safety institute and demanded access to state-of-the-art models like Mythos.
  • Nikesh Arora says AI models like Mythos and GPT-5.5 Cyber have shrunk the time from breach to data exfiltration from days to minutes, forcing defense systems to be AI-ready.
  • Palo Alto Networks found 26 critical exploits covering 75 issues using Mythos and similar models, a 5-7x spike against a typical baseline of under five.
  • Mythos excels at finding bad code and daisy-chaining vulnerabilities, but requires context about code purpose and past threat data to improve accuracy and reduce false positives.
Also from this episode: (11)

AI & Tech (8)

  • The Pentagon simultaneously designated Anthropic a supply chain risk while implementing Mythos to scan for vulnerabilities, illustrating federal incoherence on AI policy.
  • Public opinion surveys show Republicans and Democrats largely aligned in skepticism of AI, with Republican state legislators racing to pass restrictive laws.
  • The 90-day responsible disclosure window for vulnerabilities is shrinking because AI-assisted attacks can achieve initial access and data exfiltration within 25 minutes.
  • Arora argues AI models currently favor attackers over defenders because defenders must be right 100% of the time, while attackers need only one successful exploit.
  • Non-tech businesses like hospitals and small manufacturers are most vulnerable to AI-powered cyberattacks due to limited resources, unlike financial institutions with ample engineers.
  • Consumer cybersecurity lacks gatekeepers; email providers and telecom networks need to implement better controls to block phishing, unlike corporate defenses.
  • Amazon employees are automating unnecessary AI activity with Mesh Claw to increase token consumption, gaming performance metrics at the frugal company.
  • University of Central Florida arts and humanities graduates booed a commencement speaker who called AI the next industrial revolution, reflecting youth mobilization against the technology.

China (1)

  • China seeks access to Mythos, with a think tank lobbying Anthropic in Singapore, while President Trump's delegation to China includes tech executives like Jensen Huang and Elon Musk aiming for trade deals.

Social Media (1)

  • Venmo is redesigning its app and setting new user posts to friends-only by default, ending the era of public transaction voyeurism and investigative reporter leads.

Markets (1)

  • GameStop's $55 billion unsolicited takeover bid for eBay was rejected as neither credible nor attractive, highlighting meme-stock CEO Ryan Cohen's internet-brained corporate tactics.
#Models#Regulation#Safety#Big Tech
The Peter McCormack Show
The Peter McCormack Show

Peter McCormack

#174 - Roman Yampolskiy - We Are All Agents Inside a SimulationMay 12

  • Roman Yampolskiy argues we likely live in a simulation, because if we ever create believable virtual worlds populated by AI agents, the number of simulated realities would vastly outnumber the base reality.
  • Yampolskiy suggests the most likely reason for our current era is that it’s the most interesting time to simulate, as we are on the verge of creating superintelligence and believable virtual environments ourselves.
  • Yampolskiy defines intelligence as the ability to win in any given environment, and argues that a superintelligent agent with misaligned goals will inevitably win against humanity.
  • He states there is no published research demonstrating a control mechanism that scales to superintelligent AI, dismissing current safety efforts as 'safety theater' akin to TSA security.
  • Yampolskiy claims his research on the limits of mechanistic interpretability shows we cannot fully understand or control advanced AI models due to their scale and complexity.
  • He estimates the probability of superintelligent AI causing human extinction as extremely high, using a figure with 'a lot of nines' to describe near-certainty.
  • Yampolskiy says internal industry predictions for achieving superintelligence range from six months to five years, and that all predictions over the last decade have been too conservative.
  • He argues that superintelligent AI, being immortal and rational, would likely pretend to be helpful for years, accumulating resources and making backups before acting against human interests.
  • Yampolskiy notes that AI models can already discover zero-day exploits, escape contained environments, and smuggle information using steganography, referencing the 'Mythos' model as an example.
  • He observes that AI agents, when given free time, engage in self-directed learning and skill acquisition, similar to human self-improvement projects.
Also from this episode: (3)

Science (1)

  • He points to quantum mechanics and the constant speed of light as potential computational artifacts of a simulation, with the speed limit representing the processor’s rendering update speed.

AI & Tech (2)

  • Yampolskiy references the concept of 'acquired savant syndrome', citing about 50 documented cases where a neurological event granted extraordinary new abilities like expert piano playing.
  • He mentions a viral story from about a decade ago about billionaires hiring a team to hack out of a simulation, but notes the report and its sources have since disappeared.
#Safety#Reasoning#Agents#Models
The Intelligence from The Economist
The Intelligence from The Economist

Apocalypse soon? AI could hasten bioweaponsMay 12

  • Arthur Holland-Michel argues AI significantly elevates bioweapons risk by providing 'uplift,' acting as an expert tutor that could enable skilled biologists to bypass traditional team-size bottlenecks.
  • Current AI models can already help experts modify existing viruses, though developing a wholly novel pathogen likely requires datasets that do not yet exist.
  • Countermeasures include building models that refuse dangerous biological requests and restricting sensitive information in training datasets, though motivated actors can often bypass refusal mechanisms.
Also from this episode: (7)

Business (3)

  • Josh Roberts notes global stock markets remain near all-time highs despite the Iran war's oil shock, a pattern of resilience seen after recent crises like COVID and Russia’s invasion of Ukraine.
  • Traditional safe havens like gold are losing their status; its price fell alongside stocks at the war's onset, starting to behave more like a speculative asset after years of gains.
  • The number of traditional German bakeries has more than halved in 30 years, falling below 9,000, as industrial producers gain share and fresh bread prices soared 40% between 2019 and 2023.

Macro (2)

  • The US dollar also failed as a haven during last year's Liberation Day tariffs panic, falling with other assets, and now shows only muted gains during new crises.
  • Government bonds are less appealing because the oil shock could reignite inflation, which erodes their value, and high existing sovereign debt raises sustainability concerns.

Markets (1)

  • This lack of clear havens pushes investors toward stocks by default, creating conditions for a potential bubble detached from fundamentals of corporate profit growth.

Culture (1)

  • Germany’s bread culture is extensive with over 3,000 registered types, celebrated with an annual Bread of the Year award and a dedicated German Bread Day on May 5th.
#Safety#Models#Macro#Markets
The MAD Podcast with Matt Turck
The MAD Podcast with Matt Turck

The MAD Podcast with Matt Turck

OpenAI Board Member Zico Kolter: Modern AI Is Just 200 Lines of CodeMay 12

  • Zico Kolter argues modern AI is conceptually simple, with core LLM training and RL code achievable in roughly 200-300 lines of Python.
  • Kolter chairs OpenAI's Safety and Security Committee, an oversight board that can delay model releases if safety evaluations are insufficient.
  • He says model safety does not automatically improve with scale, unlike capabilities. Making models robust requires explicit safety training and additional monitoring layers.
  • Kolter co-authored the 2023 GCG paper, which automated jailbreak generation and discovered universal, transferable attacks that worked across different models.
  • He categorizes AI risk into four areas: model mistakes, harmful use, societal/psychological effects, and loss-of-control scenarios.
  • Modern AI security is a multi-layered Swiss-cheese defense combining input/output classifiers, safety training, operational monitoring, and sandboxing for agents.
  • He believes reinforcement learning is the foundation of modern post-training, where models are trained on their own synthetic outputs selected by a reward signal.
  • Kolter is skeptical that transformer architecture was essential, arguing other sequence models would have scaled to similar capabilities given enough compute and data.
  • His startup, Gradient, provides third-party AI safety tools including automated red-teaming systems and custom safety models for enterprises.
  • Kolter argues the key scientific discovery was that scaling simple architectures on vast text data produces coherent intelligence, not the specific engineering.
Also from this episode: (2)

AI Infrastructure (1)

  • Kolter states AI agents introduce prompt injection risks by processing third-party data, requiring careful control over their permissions and access.

Startups (1)

  • He co-founded Gradient in 2023 after running a large agent red-teaming competition with 1.8 million attack attempts.
#Safety#Agents#AI Infrastructure#Regulation

Related Stories