Talk:Nicholas Carlini

Nicholas Carlini has been listed as one of the Engineering and technology good articles under the good article criteria. If you can improve it further, please do so. If it no longer meets these criteria, you can reassess it.
Review: September 8, 2024. (Reviewed version).

This article must adhere to the biographies of living persons (BLP) policy, even if it is not a biography, because it contains material about living persons. Contentious material about living persons that is unsourced or poorly sourced must be removed immediately from the article and its talk page, especially if potentially libellous. If such material is repeatedly inserted, or if you have other concerns, please report the issue to this noticeboard.

If you are a subject of this article, or acting on behalf of one, and you need help, please see this help page.

This article is rated GA-class on Wikipedia's content assessment scale.
It is of interest to the following WikiProjects:

Google Low‑importance

This article is within the scope of WikiProject Google, a collaborative effort to improve the coverage of Google and related topics on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.GoogleWikipedia:WikiProject GoogleTemplate:WikiProject GoogleGoogle articles

Low This article has been rated as Low-importance on the project's importance scale.

WikiProject Google To-do:

Here are some tasks awaiting attention:

Article requests : Articles for most of the other products listed here and here.
Assess : All articles in the Category:Unknown-importance Google articles and Category:Unassessed Google articles using the project's assessment scale
Expand : Google Mapathon, Google Talkback
Maintain : This WikiProject
Merge : Google mobile services into List of Google products
Stubs : Category:Stub-Class Google articles and Category:Google stubs
Update : List of features in Android and Gmail interface#Product integration. Update logos of Google Marketing Platform products
Other :
- Add more stuff to this to do list if you like! (click here...)
- create:
- Help the Google article for a good article status
- Improve the Outline of Google
- Get more members using :
{{subst:Wikipedia:WikiProject Google/Invite Members}}
- Infobox Images with transparent areas needing a different background color

Biography

This article is within the scope of WikiProject Biography, a collaborative effort to create, develop and organize Wikipedia's articles about people. All interested editors are invited to join the project and contribute to the discussion. For instructions on how to use this banner, please refer to the documentation.BiographyWikipedia:WikiProject BiographyTemplate:WikiProject Biographybiography articles

Computing Low‑importance

	This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing articles
Low	This article has been rated as Low-importance on the project's importance scale.

Computer Security: Computing Low‑importance

This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Computer SecurityWikipedia:WikiProject Computer SecurityTemplate:WikiProject Computer SecurityComputer Security articles

Low

This article has been rated as Low-importance on the project's importance scale.

This article is supported by WikiProject Computing (assessed as Low-importance).

Things you can help WikiProject Computer Security with:

Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information...

Review importance and quality of existing articles
Identify categories related to Computer Security
Tag related articles
Identify articles for creation (see also: Article requests)
Identify articles for improvement
Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc.
Find editors who have shown interest in this subject and ask them to take a look here.

A fact from Nicholas Carlini appeared on Wikipedia's Main Page in the Did you know column on 25 September 2024 (check views). The text of the entry was as follows:

Did you know... that Nicholas Carlini showed that ChatGPT could leak personal information?

A record of the entry may be seen at Wikipedia:Recent additions/2024/September. The nomination discussion and review may be seen at Template:Did you know nominations/Nicholas Carlini.

Wikipedia

GA Review

Passed. Vacant0 (talk • contribs) 10:36, 8 September 2024 (UTC)[reply]

The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

This review is transcluded from Talk:Nicholas Carlini/GA1. The edit link for this section can be used to add comments to the review.

Nominator: Sohom Datta (talk · contribs) 00:28, 2 September 2024 (UTC)[reply]

Reviewer: Vacant0 (talk · contribs) 10:50, 3 September 2024 (UTC)[reply]

Hi, thanks for nominating this article. I'll review it during the course of this week. Vacant0 (talk • contribs) 10:50, 3 September 2024 (UTC)[reply]

GA review (see here for what the criteria are, and here for what they are not)
It is reasonably well written. a (prose, spelling, and grammar): b (MoS for lead, layout, word choice, fiction, and lists): It is factually accurate and verifiable, as shown by a source spot-check. a (references): b (citations to reliable sources): c (OR): d (copyvio and plagiarism): It is broad in its coverage. a (major aspects): b (focused): It follows the neutral point of view policy. Fair representation without bias: It is stable. No edit wars, etc.: It is illustrated by images, where possible and appropriate. a (images are tagged and non-free images have fair use rationales): b (appropriate use with suitable captions):
Overall: Pass/Fail:
· · ·

Initial comments

There is unlikely any copyright violation in the article. Earwig's Copyvio Detector has reported only 20.0% in similarity.
There are no cleanup banners, such as those listed at WP:QF, in the article.
The article is stable.
No previous GA reviews.

General comments

Prose, spelling, and grammar checking.
- No major issues were found in the article. I've made some minor improvements: See Special:Diff/1244379524.
Checking whether the article complies with MOS.
- Change "Research" to "Career".
  - Done - S
- Reword "More recently", "Recently", "sometimes" all are listed MOS:WTW violations.
  - Partly done - S, "sometimes" is correct in its context. The original blog post [1] itself noted that the attack works "often" (possibly due to the unpredictability of the AI model).
- Change "well known" to just "known".
  - Done - S
- The rest of the article complies with the MOS:LEDE, MOS:LAYOUT, and MOS:WTW guidelines. There is no fiction and embedded lists within the article, so I am skipping MOS:WAF and MOS:EMBED.
Checking refs, verifiability, and whether there is original research.
- Reference section with a {{reflist}} template is present in the article.
- No referencing issues.
  - Expand Ref 5 and 10 by adding work/website.
    - Done - S
- Most listed references are reliable.
- I've spotchecked the entire article:
  - Education section content is verifiable.
  - I do not have access to Ref 4 so I cannot verify what's written inside.
  - Ref 5 seems to only verify that he has worked on adversarial machine learning. I could not verify the rest of the sentences, so I assume that's written in Ref 4.
  - Ref 6 and 7 verify the sentence.
  - Ref 8 verifies the sentence.
  - Ref 9 just cites Carlini's work. I do not see any mentions that indicate that Carlini worked on the questionnaire.
  - Ref 10 verifies the sentence. Ref 11 does not mention Carlini.
  - Ref 12 verifies the sentence (Carlini is not mentioned directly in the source, though, but only as "one of the researchers").
  - Ref 13 verifies the sentence.
  - Ref 14 verifies the sentence (Again, Carlini is not mentioned directly in the source but only as one of the researchers).
  - Ref 15 verifies the sentence.
  - Ref 16–20 verify the awards.
  - Ref 21 just mentions "carlini". How do we know that it's Nicholas Carlini?
  - Refs 1, 3, and 15 to 21 all seem to be primary sources and/or not independent of the subject. This, with the two refs not mentioning Carlini directly but as "one of the researchers", leaves me divided on whether the person even meets WP:GNG.
Checking whether the article is broad in its coverage.
- Wikilink Carlini & Wagner attack in the lede.
- No issues, everything is well explained. The article addresses the main aspects, and it stays focused on the topic.
Checking whether the article is presented from an NPOV standpoint.
- I've listed above some WTW issues that should be addressed.
- "many other defenses" – do we know which? If not, rephrase this.
  - There isn't an RS that discusses all the defenses that had been broken using this attack. Based solely on Carlini's work during his PhD, there are at least 19 defenses that were broken using variations of the Carlini Wagner attack (7 of which were from the ICLR conference incident mentioned in the article), and the rest are mentioned in this paper by Carlini and this other paper by Carlini. I think Carlini himself claims to have broken over 30 defenses in a recent blog post [2], however, even if we take the lower estimate, the phrasing of "many defenses" is justified.
Checking whether the article is stable.
- As noted in the initial comments, the article has been stable.
Checking images.
- There are no images in the article.

Final comments

@Sohom Datta: I'll put the review on hold for a week for you to address the issues. I'm particularly divided on whether the person meets WP:GNG due to reasons listed above. Once most issues get addressed, I might ask someone for a second opinion regarding this issue. Vacant0 (talk • contribs) 20:34, 6 September 2024 (UTC)[reply]

@Vacant0 Sound good, I'll work through these over the weekend, three points:

About Ref 4, I can send the pdf to you through email if you are interested, (also, I think The Wikipedia Library should also allow you to access almost any IEEE paper including that one)
Wrt Ref 21, it can't really be anyone else, the feat achieved at ioccc was cursed enough that it required specialized knowledge and Carlini was the only person who has proved that the "printf" was turing complete in their 2015 paper. (Also see their github where they archived the version of the program they submitted)
Wrt to the question of notability, I think the person happily passes WP:NPROF having had an attack named after him (pretty rare in computer security) which is also the single highest cited paper in machine learning security (9737 citations per google scholar), also see [3] not to mention the fact that their work is covered by multiple RS.

Sohom (talk) 21:39, 6 September 2024 (UTC)[reply]

Okay, thank you for clarifying regarding his notability. I've found Ref 4 on TWL and it verifies the sentences that is cited to in this article. Vacant0 (talk • contribs) 21:46, 6 September 2024 (UTC)[reply]

@Vacant0I've actioned most of the issues and left some comments for some of them. Let me know what you think. Sohom (talk) 23:09, 7 September 2024 (UTC)[reply]

Looks good to me. Promoting. Vacant0 (talk • contribs) 10:35, 8 September 2024 (UTC)[reply]

The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

Did you know nomination

The following is an archived discussion of the DYK nomination of the article below. Please do not modify this page. Subsequent comments should be made on the appropriate discussion page (such as this nomination's talk page, the article's talk page or Wikipedia talk:Did you know), unless there is consensus to re-open the discussion at this page. No further edits should be made to this page.

The result was: promoted by DimensionalFusion talk 13:12, 17 September 2024 (UTC)[reply]

(

Comment or view
Article history

)

... that Nicholas Carlini showed that ChatGPT could leak personal information?

Source: https://www.wired.com/story/chatgpt-poem-forever-security-roundup/

ALT1: ... that, in 2018, Nicholas Carlini's team broke 7 of the 11 AI defenses presented in the ICLR conference that year? Source: https://www.wired.com/story/ai-has-a-hallucination-problem-thats-proving-tough-to-fix/
Reviewed: Template:Did you know nominations/Answers Research Journal

Improved to Good Article status by Sohom Datta (talk) and 2401hz (talk). Number of QPQs required: 1. Nominator has 10 past nominations.

Sohom (talk) 14:39, 8 September 2024 (UTC).[reply]

General: Article is new enough and long enough
New enough: Long enough:

Policy: Article is sourced, neutral, and free of copyright problems
Adequate sourcing: Neutral: Free of copyright violations, plagiarism, and close paraphrasing:

Hook: Hook has been verified by provided inline citation
Cited: Interesting:

QPQ: Done.

Overall: Approved ALT0. ALT1 is rejected, and I'll provide a couple comments on it which you can feel free to ignore if you prefer ALT0. The phrasing could certainly be tighter: you don't need to say "in 2018" and "that year" in the same sentence. "ICLR" is an initialism used without context, so I might pipe that link as "a 2018 conference". Also, the source uses the word "broken" in quotes for a reason: it's not clear exactly what breaking a defense means in this context, and it seems to only be a claim from the team, not a fact that the source is backing. —TechnoSquirrel69 (sigh) 18:24, 8 September 2024 (UTC)[reply]

I think it makes sense to go forward with only ALT0, we could try and get ALT1 to work but trying to explain "defenses" would probably make the hook fail WP:DYKINT since that would require talking about what adversarial examples are. Sohom (talk) 19:11, 8 September 2024 (UTC)[reply]

@TechnoSquirrel69: The DYK bot only picks up the approval if the green tick is the last symbol: the rejection symbol is blocking the hook's approval. If If one of the ALTs is approved, can you add a green tick below, indicating the hooks that are approved? Thanks, Z1720 (talk) 14:42, 9 September 2024 (UTC)[reply]

Thanks Z1720, that's good to know! Hello bot, ALT0

appoved. —TechnoSquirrel69 (sigh) 15:38, 9 September 2024 (UTC)[reply]