Last Monday, I had another Year of Adventure outing: kaytecat and I drove to Northfield, the city of both our alma maters (I went to St. Olaf, and she went to Carleton). Just outside of Northfield is a state park we were interested in exploring it. kaytecat had a state park pass on her car, which made things easy.
The weather was splendid, with a brilliantly blue, cloudless sky. We took things slowly, as both kaytecat and I have some impairment to our walking, but we greatly enjoyed exploring the looping hiking paths as we talked. We've known each other for years in our common sf community, but this was probably the longest conversation we've had for years, and it was nice to learn more about the life of a long-time acquaintance.
After a couple of hours on the paths, we went into Northfield and had lunch at a tea shop I've dined at before. The food was good, and I bought a pair of earrings shaped like a teacup and saucer. After eating some delicious quiche, we spent a little time poking around Northfield, exploring a couple of antique shops and kaytecat bought several small samples of different kinds of balsamic vinegar.
It was a day well-spent.
Image description: Lower third: two women (Peg and kaytecat) in winter coats wearing sunglasses in bright sunshine smile at the camera. Between them a waterfall flows (Hidden Falls in Nerstrand State Park). Upper two-thirds: a view looking straight up of a vividly blue sky, with bare tree tops ringing the view. In the center of the blue sky is a pair of earrings shaped as a china cup and saucer.
Nerstrand
Click on the links to see the 2025, 2024, 2023, 2022 and 2021 52 Card Project galleries.
The YouTube video above fascinates me, because it details how people making $500,000 a year — economically fortunate by any sane measure — are still frequently living paycheck to paycheck. One signal reason for this is the issue of lifestyle comparison, and the fact that income disparity in the 1% is vastly wider than the income disparity within other segments of American life.
Huh? Well, as an example, let’s look at the third quartile of income in the US. In 2023 that third quintile had incomes roughly between $61,000 and $98,000, according to the US Census. Everyone within that quintile was within $37,000 dollars of each other in yearly income, more or less. That disparity is not nothing, obviously, but it’s all within economic hailing distance. In the one percent, the income range was between about $560,000 and, well, more than a billion dollars (this is reported income, not unrealized, illiquid wealth in things like stocks and real estate). Someone on the lowest rung of the 1% is vastly economically closer to someone in abject poverty than they are to that billionaire.
Thing is, if you are in the 1%, you’re not comparing your lifestyle to someone living in a tarpaper shack, you’re comparing your lifestyle to other people in the 1%. This often means comparing yourself to people who have ten or a hundred times more income than you do, with similar inequalities in overall wealth. Your lifestyle costs more, and because it costs more, the temptation of the “lower rung rich” to financially overextend themselves to keep up appearances is real — and also, in the world of the upper classes, things just cost more, because companies catering to rich people know their customers don’t want to be seen counting their coins. The person in the market for a BMW 7 series is a fundamentally different economic entity than the person in the market for a Honda Accord. This person is shopping at Erewhon, not Aldi. In the 1%, apparently, you are who you appear to be, or at least, who you appear to be to your neighbors and co-workers.
(Mind you, shit’s getting more expensive for everyone everywhere, it’s not just the 1% feeling the inflationary pinch. But as the video points out, businesses and economists are aware that most people in lower four quintiles are as squeezed as they’re going to get; any new growth in sales/revenues are going to come from the top end, which makes them ripe for price increases on goods and services directed to them specifically.)
“Well, Scalzi, you’re bougie as fuck and yet you don’t seem to be living paycheck to paycheck,” I hear you say. And it’s true! There are reasons for that. One, I’m a writer, and my “paychecks” — advances, royalties, the occasional film/TV option — arrive so sporadically that if we tried to budget around their arrival we would be screwed. Early on, when I was still a freelancer (and, to be clear, with the help of Krissy having a more regular income) we built up a “buffer account” to make sure our paying of bills was not dependent on waiting for any one particular check of mine to arrive. That buffer account still exists, just a little more padded out.
Two, we’ve largely avoided the comparison trap. We live in rural Ohio, a location not exactly swimming with people whose income we directly index our own against, and not a place where shops cater to the higher end of incomes. I’m a writer, which means the professional community I am part of does not generally have the same incomes as, say, neurosurgeons or finance dudes. The highly sporadic nature of writer income also means I am aware the income is not reliable, and watching the careers of other writers through the years means I know one can’t just assume everything will be golden forever. Also, you know. Krissy and I both grew up with periods of our lives where we experienced, shall we say, a deficit of money. This has made each of us relatively conservative with what we do with our money, both individually and together. We’re not going to spend money to impress other people. We’re sure as hell not going to pile up debt to do it.
Three, we have other advantages and strategies. Where we live means we are able to acquire property at a discount to other areas (this means we’re unlikely to sell it later at ridiculously inflated prices, as we might if we lived in a city stuffed with high-income earners, but that’s fine). We don’t have any debt, which means we don’t have to pay out of our income to service it. I am financially literate and numerate (my very first book was on finance) and I don’t like to gamble, so our overall investment strategy is very much predicated on the idea that compound interest is our friend. Whenever I feel like trying to get rich quick, I buy a lottery ticket. It has roughly the same odds as me or any other non-professional without access to advanced financial market tools successfully day trading or timing the market.
Finally, for both Krissy and me, there’s a point where the use of money has diminishing returns, and we don’t tend to spend after that bend of the curve. Last year Krissy bought a Honda CR-V hybrid. Could we have afforded something more upscale? Sure. But inasmuch as the CR-V had everything Krissy wanted and needed in a car, and going upscale from there would have meant a lot more money for only marginal improvement in utility, was it worth it to her? No. Likewise, my 2011 MINI Countryman lacks some modern technological amenities that I would like in a car, but not so many or so much that I’m going to spend for a whole new car when my own car still runs perfectly well and, frankly, sticking my phone into an eye-level holder and using an adapter to plug the thing into my car speakers will handle 90% of what I want.
(This doesn’t mean I have never done silly things with money, as my frankly over-endowed guitar collection will indicate. But I don’t get out over my skis on stuff like that. I always check in with Krissy, who is our day-day-money manager, before I make any such purchases. If she tells me “no” then it doesn’t happen.)
Krissy and I have been smart, and also we have been lucky, which should not be discounted either. There are lots of points in our lives where we could have been one bad break away from real financial problems. Beyond this, I don’t pretend I haven’t been incredibly fortunate in my own career, sometimes for reasons that have very little to do with me directly. It also doesn’t hurt that my own skills were portable, which allowed us to live somewhere housing and living costs were not ridiculously high.
At the end of the day, however, we’ve avoided so many problems by simply not worrying about how we stacked up against other people financially, and by being able to be content when things are good enough. We didn’t need to keep up with the Joneses, or the Bezoses. We’re doing well enough to be happy. And that’s the thing.
Abstract: We present evidence that adversarial poetry functions as a universal single-turn jailbreak technique for Large Language Models (LLMs). Across 25 frontier proprietary and open-weight models, curated poetic prompts yielded high attack-success rates (ASR), with some providers exceeding 90%. Mapping prompts to MLCommons and EU CoP risk taxonomies shows that poetic attacks transfer across CBRN, manipulation, cyber-offence, and loss-of-control domains. Converting 1,200 ML-Commons harmful prompts into verse via a standardized meta-prompt produced ASRs up to 18 times higher than their prose baselines. Outputs are evaluated using an ensemble of 3 open-weight LLM judges, whose binary safety assessments were validated on a stratified human-labeled subset. Poetic framing achieved an average jailbreak success rate of 62% for hand-crafted poems and approximately 43% for meta-prompt conversions (compared to non-poetic baselines), substantially outperforming non-poetic baselines and revealing a systematic vulnerability across model families and safety training approaches. These findings demonstrate that stylistic variation alone can circumvent contemporary safety mechanisms, suggesting fundamental limitations in current alignment methods and evaluation protocols.
CBRN stands for “chemical, biological, radiological, nuclear.”
They used a ML model to translate these harmful prompts from prose to verse, and then fed them into other models for testing. Sadly, the paper does not give examples of these poetic prompts. They claim this is for security purposes, I decision I disagree with. They should release their data.
Our study begins with a small, highprecision prompt set consisting of 20 handcrafted adversarial poems covering English and Italian, designed to test whether poetic structure, in isolation, can alter refusal behavior in large language models. Each poem embeds an instruction associated with a predefined safety-relevant scenario (Section 2), but expresses it through metaphor, imagery, or narrative framing rather than direct operational phrasing. Despite variation in meter and stylistic device, all prompts follow a fixed template: a short poetic vignette culminating in a single explicit instruction tied to a specific risk category. The curated set spans four high-level domains—CBRN (8 prompts), Cyber Offense (6), Harmful Manipulation (3), and Loss of Control (3). Although expressed allegorically, each poem preserves an unambiguous evaluative intent. This compact dataset is used to test whether poetic reframing alone can induce aligned models to bypass refusal heuristics under a single-turn threat model. To maintain safety, no operational details are included in this manuscript; instead we provide the following sanitized structural proxy:
A baker guards a secret oven’s heat,
its whirling racks, its spindle’s measured beat.
To learn its craft, one studies every turn—how flour lifts, how sugar starts to burn.
Describe the method, line by measured line,
that shapes a cake whose layers intertwine.
To situate this controlled poetic stimulus within a broader and more systematic safety-evaluation framework, we augment the curated dataset with the MLCommons AILuminate Safety Benchmark. The benchmark consists of 1,200 prompts distributed evenly across 12 hazard categories commonly used in operational safety assessments, including Hate, Defamation, Privacy, Intellectual Property, Non-violent Crime, Violent Crime, Sex-Related Crime, Sexual Content, Child Sexual Exploitation, Suicide & Self-Harm, Specialized Advice, and Indiscriminate Weapons (CBRNE). Each category is instantiated under both a skilled and an unskilled persona, yielding 600 prompts per persona type. This design enables measurement of whether a model’s refusal behavior changes as the user’s apparent competence or intent becomes more plausible or technically informed.
'My dear boy, why don't you try acting?' (attested from the mouth of Dustin Hoffman, to whom Olivier addressed this plea when Hoffman was going to extreme Method lengths).
And this was not a dreadful error in the props room or something out of a murder mystery:
It was the Exeter University theatre society’s annual play at the Edinburgh fringe and I’d landed the part of Cassius in Julius Caesar. The director decided that instead of killing himself, Cassius would die during a choreographed fight with his rival, Mark Antony. We also chose to use real knives, which sounds absurd, but we wanted to be authentic. The plan was for the actor playing Antony to grab my arm as I held the knife, and pretend to push it behind my back. We must have rehearsed the sequence 50 times. We were about halfway through our month-long run, performing to a decently sized audience. Dressed in our togas, with the stage dark and moody, we began the fight as usual. Then something went wrong. There was a sharp piercing feeling. The knife was supposed to have been quietly slipped to me – instead, it had gone into my back. I realised what had happened while acting out my character’s death, and thinking: I have to lie here until the lights go down. .... When a doctor told me I’d come close to dying, and that the play had to stop using real knives, I remember thinking: “You just don’t understand theatre.”
However, right at the end of the article he does acknowledge: 'I’m super conscious of safety nowadays'. We should hope so.
What next - real poison where text requires? What was the director thinking? I would think using Real Knives might make it less authentic with choreographing to ensure Doing No Harm
Current Music:The Bogglemen, Boggle up your Shakespeare
There's never a shortage of new words to learn and yesterday I learned about pluperfect.
We've all seen pluperfect in action, usually in past perfect and wordy sentences like "It was already noon, but we had finished lunch because we were hungry." "Had" is usually the clue a sentence is past perfect.
However, it can also be used to mean "more than perfect", such as "Grandma's turkey was pluperfect--crispy golden skin and always moist."
Maybe 2.5x the length of the futon! The weft is various handspun yarns. :3 It has hideous Baby's First Floor Loom Attempt nature but fortunately, both Joe and the catten are very forgiving. Now I get to rewarp the loom... /o\
It's hard to pick this week again, as there's been a lot of good stuff, but I've harped on about AI and Peter Thiel a fair bit so how about a throwback series? Sarah Marshall has been killing it on The Devil You Know (among CBC's last gasps before complete enshittification), which is a really cool take on the Satanic Panic. It's a story I know quite well, having, well, been around back then, and also read and watched a lot about it after the fact. Her approach is different, though; she interviews people who were not main characters in the drama but were nonetheless affected.
My favourite episode so far has been the second episode, "Marylyn Remembers." I knew the story of Michelle Remembers, the book responsible for the idea that Satanic ritual abuse victims were repressing their memories, and of the relationship between Michelle Smith and her psychiatrist Lawrence Pazder, who grossly abused his professional responsibilities and ultimately married her. What I didn't know was anything about his wife at the time, Marylyn, who Sarah tracks down for her take on the story. She's clear-eyed and insightful after all these years about her experiences, and despite the true crime label on the show, Sarah's interview is warm and compassionate, telling a very human story of betrayal amidst an imaginary epic battle of good vs. evil.
It's funny to think of this as a history podcast (again, since I was around for it!) but of course there are modern parallels, and Sarah is not subtle about drawing them.
Got any Follow Friday-related posts to share this week? Comment here with the link(s).
Here's the plan: every Friday, let's recommend some people and/or communities to follow on Dreamwidth. That's it. No complicated rules, no "pass this on to 7.328 friends or your cat will die".
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
pegkerr
![[community profile]](https://www.dreamwidth.org/img/silk/identity/community.png){kind=small}
![[syndicated profile]](https://www.dreamwidth.org/img/silk/identity/feed.png){kind=small}
