Algorithmic Sabotage Research Group Asrg

The Aesthetics of Resistance: Inside the Algorithmic Sabotage Research Group (ASRG)

• Responsible disclosure vs. public warning: Standard vulnerability disclosure models don’t map cleanly to ML. Patching models can require retraining on clean data, issuing model updates, or altering data-collection pipelines—tasks that are harder and slower than patching software. Meanwhile, a public demonstration can catalyze change but also opens doors to copycats.
• Research openness vs. dual-use risk: Open publication accelerates scientific progress and enables independent audits. Yet adversarial methods are dual-use: the same technique that reveals a fairness flaw can be repurposed to evade content moderation or manipulate markets.
• Corporate incentives vs. public safety: Platforms may resist remediation that reduces short-term engagement or revenue. Independent research groups can pressure fixes but may also be accused of activism or sabotage if their findings threaten business models.
• Legal and ethical exposure: Researchers and hosts face legal risk when publishing exploit code or operational guidance that materially facilitates wrongdoing. Conversely, suppressing research can shield negligent practices from scrutiny.

Collaborative Manifestos: The group utilizes open, online collaborative platforms to write their guiding principles, allowing for a decentralized and collective voice. algorithmic sabotage research group asrg

Level 1: Input Sabotage (Evasion & Poisoning)

• Classic adversarial examples (e.g., a sticker on a lens makes a classifier misread a "yield" sign as "speed limit 120").
• Data poisoning (injecting corrupted samples into a training set so the model learns the wrong boundary).
• Example: The famous "Google Photos tags black people as gorillas" incident, if deliberately engineered, would be sabotage. The ASRG studies repeatable, targeted poisoning campaigns.

The group’s central ideological document, the Manifesto on Algorithmic Sabotage, outlines ten statements (numbered 0 to 9) that define its mission. Rather than seeking to "fix" or "improve" existing AI models, ASRG advocates for militant resistance and the transformation of discourse into praxis. Key pillars of their philosophy include: Responsible disclosure vs

• "adversarial machine learning attacks 2025"
• "data poisoning defenses model robustness"
• "model inversion attack mitigation"

Some research focuses on practical tools, such as scripts that jumble image data to make it useless for "AI" training while keeping it visually valid for humans. ⚠️ Important Distinctions Collaborative Manifestos : The group utilizes open, online

• No live internet access during sabotage experiments.
• All models are air‑gapped and destroyed after each test cycle.
• Sabotage capabilities are never deployed outside the lab.
• A four‑tier ethics review board can halt any experiment if sabotage effects risk “escaping” the sandbox.