@heidykhlaaf
Climber 🇪🇬 |Chief AI Scientist at @ainowinstitute.bsky.social | Safety engineer (nuclear, defense, software & AI/ML) | TIME 100 AI | MIT 35 U 35 x-Trail of Bits, OpenAI, Microsoft Research https://www.heidyk.com/
It was great to join @aljazeera.com's podcast "The Take" to discuss the details of the DoW's use of Claude in Iran, as well as the stand-off between DoW and Anthropic that was largely safety theatre.
www.youtube.com/watch?v=skyI...
In this Tech Policy piece, I criticize how framings of Anthropic’s & OpenAI’s negotiations with the US’s DoW overindex on myopic interpretations of human oversight, papering over what should be the real target of our scrutiny: that generative AI algorithms are a flawed and inaccurate technology.
Exactly.
It’s egregious for the WaPo to describe speed as the advantage against Iran w/ Claude. When these systems are incredibly inaccurate, they may as well be enabling indiscriminate targeting (e.g. schools), which isn’t the strategic win they’re framing it as.
www.washingtonpost.com/technology/2...
Was happy to speak to Vox on OpenAI's alleged AWS guardrails. Besides current guardrails being trivial to bypass, they can't enforce human oversight over the outputs of an AI algorithm. It's an operational matter not a technical one, and thus infeasible by any guardrails.
www.vox.com/future-perfe...
![Using foundation models in national security contexts may introduce unique concerns threatening human rights. For example, a government’s ability to train models on citizens’ data obtained through commercial data brokers that would otherwise need a warrant, court order, or subpoena to obtain may
allow governments to further exercise coercive powers that are automated through AI decision-making [6].
Such use may subvert due process, exacerbated when inaccurate outputs inflict unjust harms on civilians.
Appropriate interventions may include the extension of data minimization principles to include purpose
limitations on the collection, processing, and transfer of personal data to third parties for intelligence
purposes.](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:uvsuoi63hmxbr35fmozsghpc/bafkreidimyup4jtvkon4ol6zy64aholhnvcc3tnba2gymopmqmzkevaxxi@jpeg)
Using foundation models in national security contexts may introduce unique concerns threatening human rights. For example, a government’s ability to train models on citizens’ data obtained through commercial data brokers that would otherwise need a warrant, court order, or subpoena to obtain may allow governments to further exercise coercive powers that are automated through AI decision-making [6]. Such use may subvert due process, exacerbated when inaccurate outputs inflict unjust harms on civilians. Appropriate interventions may include the extension of data minimization principles to include purpose limitations on the collection, processing, and transfer of personal data to third parties for intelligence purposes.
The Atlantic notes how the Pentagon wants to "analyze bulk data collected from Americans." From our "Mind the Gap" paper 2024, a snippet I have come back to what seems like dozens of time at this point.
www.theatlantic.com/technology/2...
The Anthropic-U.S. DoD public dispute continues. We have unpacked the latest updates & the safety, legal & ethical concerns in our @opiniojuris.bsky.social article
@jessicadorsey.bsky.social @elkeschwarz.bsky.social @profbode.bsky.social @ncrenic.bsky.social
opiniojuris.org/2026/03/02/i...
This account includes an eyewitness.
Also: “At least 85 people, almost all of them young girls, have been killed in an air strike on a primary school in southern Iran, the Iranian judiciary said.”
In case you’re just waking up, the U.S. has teamed up with Israel overnight to start an illegal war of regime change, apparently on a presidential whim with no involvement of Congress, and they are already committing horrific atrocities.
Every single outlet that uncritically recites Israel's self-designation of "preemptive strikes" should be permanently shut down for good. Straight up. Definitionally no such thing as a "preemptive" attack when the country being attacked had no plan nor indication of planning to attack first.
I consider this a loss rather than a win, as just a few years ago the redline was any military use, now it’s the most extreme use case of LAWS. AI companies have successfully moved safety thresholds without effective internal pushback.
www.nytimes.com/2026/02/26/t...
I have to give Anthropic credit for recognizing that deploying unreliable AI in AWS is not strategic for the future of AI. But there's a very fine line between DSS and AWS in practice due to automation bias, if they don't believe it's reliable for the latter, it's not reliable for the former either.
Some real cognitive dissonance happening with takes saying "but Anthropic HAD to drop their safety measures, they're the good guys you see!" Anyway from our paper last year:
If flawed and inaccurate LLMs are instrumented in AWS by replacing humans for decision making, then "wars" may as well be indiscriminate lethal campaigns. Anthropic's position also isn't a moral high ground given their AI-DSS uses w/ Palantir, where automation bias may lead to similar outcomes.
There's a constant AI-washing of terms so these companies can claim they're solving a problem that doesn't exist with AI. Static analysis/formal methods also put forward suggestions, have they even used these tools?
Claude Code may also generate up to 90% insecure code (arxiv.org/pdf/2512.03262).
As a formal methods PhD, it's embarrassing for Anthropic to incorrectly describe static analysis in their Claude Code Security announcement. Security and formal methods engineers already have data "reasoning" tools, this isn't the bottleneck, false positives, which LLMs absolutely have, is.
This new Lancet study would indicate that the death toll in Gaza is actually around 120,000 at minimum, if the undercount rate is similar since January 2025.
Just absolutely disgusting.
I really It's kinda weird how the "The left hates technology (because AI)" mostly come from people whose experience with tech is on the level of vibecoding and the "left" they criticize consists to a significant part of people who've been actually building and maintaining systems for decades.
"We present the first representative international data on firm-level AI use... firms report little impact of AI over the last 3 years, with over 80% of firms reporting no impact on either employment or productivity."
www.nber.org/papers/w34836
NEW: CBP signs a new deal with Clearview AI to access its scraped image database for "tactical targeting," including efforts to “disrupt, degrade, and dismantle” networks of people labeled security threats.
“Four of my children just evaporated,” Badran said, holding back tears. “I looked for them a million times. Not a piece was left. Where did they go?”
There are no words to adequately describe the evil here.
Banner image with screenshot of scientific article from nature Medicine, as well as two panels from the study method and results
⚠️ Despite all the hype, chatbots still make terrible doctors. Out today is the largest user study of language models for medical self-diagnosis. We found that chatbots provide inaccurate and inconsistent answers, and that people are better off using online searches or their own judgment.
When AI was added to a tool for sinus surgery: “Cerebrospinal fluid leaked from one patient’s nose. In another… a surgeon mistakenly punctured the base of a patient’s skull. In two other cases, patients suffered strokes after a major artery was accidentally injured”
www.reuters.com/investigatio...
Commercial AI is rarely built to be fit for purpose, and yet they're used regardless in safety critical applications they're not intended for, becoming a tool to avoid accountability while enabling indiscriminate harm. Something we've also seen in defense.
This is also why many safety engineers (CC @forrealflygirl.bsky.social) emphasize that accident statistics are manipulated and skewed. These interventions are in fact not mandated to be reported.
A lot of people who regurgitate "improvement" talking points to discredit any criticism of AI have little to no awareness of the trickery that occurs behind the scenes to provide this mirage. Not only for autonomous vehicles, but the army of human labour used to fine tune generative AI.
NEW: I went undercover, as a human poster, on the social network designed just for AI agents.
The site isn’t a novel breakthrough; it’s simply a crude rehashing of sci-fi fantasies for the hype machine’s true believers.
My latest for @wired.com:
www.wired.com/story/i-infi...
It's been maddening to see officials claim these roll backs are due to the "inherent" safety of nuclear reactors. Reactors are actually not inherently safe, they're currently safe because we've made them safe through these very regulatory measures now being eliminated.
www.npr.org/2026/02/02/n...
