Artificial intelligence (AI) systems are transforming fields such as medicine, drug discovery, and materials science, but many technologists and policymakers are also concerned about the technology's risks. To date, most concrete AI governance policies have managed AI risk by keying on the amount of compute required to build or operate a given AI system. Low-compute AI systems, however, are becoming increasingly performant, and increasingly dangerous. Driven by agentic workflows, parameter quantization, and other model compression techniques, capabilities once achievable only on frontier-level systems have diffused into low-resource models deployable on consumer devices. In this report, we profile this trend by downloading historical benchmark performance data for over 5,000 large language models (LLMs) hosted on HuggingFace, and find that the model size needed to achieve competitive LLM benchmark scores has decreased by more than 10X over the past year. We then simulate the computational resources an actor would need to launch a series of digital societal harm campaigns, such as disinformation botnets, sexual extortion schemes, and voice-cloning fraud, using low-compute open-source models, and find that nearly all of the studied campaigns can easily be executed on consumer-grade hardware. This position paper argues that protection measures targeting high-compute models leave serious security gaps for their low-compute counterparts, and that it is therefore urgent for both policymakers and technologists to make greater efforts to understand and address this emerging class of threats.
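One way to measure the size trend the report describes, as an added example that is not the paper's own code or data: from a table of (release date, parameter count, benchmark score) records, compute for each month the smallest model released so far that clears a competitiveness threshold (the "size frontier"), and take the ratio of the frontier at two dates as the size-reduction factor. The model records, benchmark scale and the 75-point threshold below are constructed for illustration and are not taken from the HuggingFace data the report analyzes.

```python
from collections import namedtuple

# Constructed illustrative records, NOT the paper's HuggingFace benchmark data.
# released: ISO date string (YYYY-MM-DD, so plain string comparison orders correctly)
# params_b: parameter count in billions
# score:    score on a hypothetical 0-100 benchmark
Model = namedtuple("Model", "name released params_b score")

SAMPLE_MODELS = [
    Model("big-70b",   "2024-01-15", 70.0, 75.0),
    Model("mid-7b",    "2024-01-20", 7.0,  60.0),
    Model("mid-34b",   "2024-04-02", 34.0, 76.0),
    Model("small-14b", "2024-07-09", 14.0, 77.0),
    Model("small-8b",  "2024-07-09", 8.0,  74.0),  # just under threshold, must be excluded
    Model("small-7b",  "2024-10-01", 7.0,  75.5),
    Model("tiny-3b",   "2025-01-08", 3.0,  76.0),
    Model("tiny-1.5b", "2025-01-08", 1.5,  70.0),  # small but not competitive
]


def smallest_competitive(models, threshold, as_of):
    """Smallest parameter count (billions) among models released on or before
    `as_of` (ISO date) that score at least `threshold`; None if none exists yet."""
    candidates = [m.params_b for m in models
                  if m.released <= as_of and m.score >= threshold]
    return min(candidates) if candidates else None


def frontier_by_month(models, threshold):
    """For each month in which any model was released, the cumulative smallest
    competitive size as of that month's last release (the size frontier).
    Returns an ordered dict keyed by 'YYYY-MM'."""
    months = sorted({m.released[:7] for m in models})
    frontier = {}
    for month in months:
        # Every model released in this month has a date <= the month's latest release,
        # so using that date as the cutoff includes the whole month cumulatively.
        as_of = max(m.released for m in models if m.released[:7] == month)
        frontier[month] = smallest_competitive(models, threshold, as_of)
    return frontier


def size_reduction_factor(models, threshold, start, end):
    """How many times smaller the smallest competitive model became between
    `start` and `end` (ISO dates). Raises if no competitive model exists at either end."""
    before = smallest_competitive(models, threshold, start)
    after = smallest_competitive(models, threshold, end)
    if before is None or after is None:
        raise ValueError("no competitive model at one of the endpoints")
    return before / after


if __name__ == "__main__":
    for month, size in frontier_by_month(SAMPLE_MODELS, 75.0).items():
        print(f"{month}: smallest competitive model = {size}B params")
    factor = size_reduction_factor(SAMPLE_MODELS, 75.0, "2024-01-31", "2025-01-31")
    print(f"size reduction over the window: {factor:.1f}x")
```

The threshold is the only judgement call: set it from the score a recognized frontier model posted at the start of the window so that "competitive" means "matches last year's frontier", otherwise the frontier curve just tracks whatever weak models happened to be uploaded.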