This is a really good post! I have some bold, unsubstantiated claims to make that I’m curious on people’s thoughts on. Source: I’ve done some small amount of security-related work / coursework, hung around a lot of infosec-ey type people in college, and tried to hire a security officer once.
I’ve noticed some hard to articulate but consistent seeming differences in personality / mindset in people I know who work in security. I think it’s plausible that it’s much harder to become “good” at infosec through pursuing an infosec career path than to be come “good” at machine learning by pursuing a machine learning career path. I think this may be especially true the broader you go, e.g. you might be able to become “good” at securing web browsers, but will have trouble transferring general infosec insights to broader problems like biosecurity.
As a result, I think it might be worth EA effort getting people who are already fairly far in the infosec field to be more concerned about GCRs. (Though I think getting people to try infosec careers is also worth it.)
Related to this, many people people I know in infosec think EA concerns about GCRs are wrong for a variety of reasons, even though a lot of them have ex-risky style thoughts about how e.g. surveillance could lead to a totalitarian state with a lot of lock-in. I think this might be an interesting viewpoint difference to look into.
Is it easy to say more about (1) which personality/mindset traits might predict infosec fit, and (2) infosec experts’ objections to typical GCR concerns of EAs?
This is a really good post! I have some bold, unsubstantiated claims to make that I’m curious on people’s thoughts on. Source: I’ve done some small amount of security-related work / coursework, hung around a lot of infosec-ey type people in college, and tried to hire a security officer once.
I’ve noticed some hard to articulate but consistent seeming differences in personality / mindset in people I know who work in security. I think it’s plausible that it’s much harder to become “good” at infosec through pursuing an infosec career path than to be come “good” at machine learning by pursuing a machine learning career path. I think this may be especially true the broader you go, e.g. you might be able to become “good” at securing web browsers, but will have trouble transferring general infosec insights to broader problems like biosecurity.
As a result, I think it might be worth EA effort getting people who are already fairly far in the infosec field to be more concerned about GCRs. (Though I think getting people to try infosec careers is also worth it.)
Related to this, many people people I know in infosec think EA concerns about GCRs are wrong for a variety of reasons, even though a lot of them have ex-risky style thoughts about how e.g. surveillance could lead to a totalitarian state with a lot of lock-in. I think this might be an interesting viewpoint difference to look into.
Is it easy to say more about (1) which personality/mindset traits might predict infosec fit, and (2) infosec experts’ objections to typical GCR concerns of EAs?