We address reviewer 1, 2 and 3 as R1, R2, R3. R1-(5): We use 25%, 75% quartiles for the shaded areas, see line 147 in the paper. R2 - Originality: Thank you for pointing us to additional relevant related work: we have added citations. We provide additional results on CINIC-10 (top figure, left). We use 50 MC dropout samples, acquisition size 10 and 6 trials.

We will incorporate suggestions on minor corrections, references, footnotes, and presentations in the final version. This work aims to introduce a new objective (i.e., MCR Compare with OLE: " 1). It is not clear why a larger . . . Does the OLE type loss have the same property as Theorem 1? 3). The authors should show more comparison . . . We will make these connections more clear in the final version; 2). Q2: Gaussian assumption of data: "I have a concern whether the rate distortion function . . . to be self-contained.

This is an excellent point. We remark here that the same fix applied to the L ˇ C complex will help correct [3]. R3: Using topology to guide active sample acquisition. Our "model marketplace" application is different from Training classifiers with a coreset of 300 data points sampled by active learning/passive learning.

LLM jailbreaks are a widespread safety challenge. Given this problem has not yet been tractable, we suggest targeting a key failure mechanism: the failure of safety to generalize across semantically equivalent inputs. We further focus the target by requiring desirable tractability properties of attacks to study: explainability, transferability between models, and transferability between goals. We perform red-teaming within this framework by uncovering new vulnerabilities to multi-turn, multi-image, and translation-based attacks. These attacks are semantically equivalent by our design to their single-turn, single-image, or untranslated counterparts, enabling systematic comparisons; we show that the different structures yield different safety outcomes. We then demonstrate the potential for this framework to enable new defenses by proposing a Structure Rewriting Guardrail, which converts an input to a structure more conducive to safety assessment. This guardrail significantly improves refusal of harmful inputs, without over-refusing benign ones. Thus, by framing this intermediate challenge - more tractable than universal defenses but essential for long-term safety - we highlight a critical milestone for AI safety research.

Why is it that we still get a tiny thrill from checking the mailbox each day? Rationally, we know what's in there: bills we don't want, catalogs we never ordered, and that bulky Valpak stuffed with coupons we'll never use. But somehow, despite the noise, there's a quiet hope we might find something meaningful. And every once in a while, we do. In a society obsessed with social media, texts, AI, speed and automation, the handwritten thank-you note has become an endangered species.

Scholars, awards committees, and laypeople frequently discuss the merit of written works. Literary professionals and journalists differ in how much perspectivism they concede in their book reviews. Here, we quantify how strongly book reviews are determined by the actual book contents vs. idiosyncratic reader tendencies. In our analysis of 624,320 numerical and textual book reviews, we find that the contents of professionally published books are not predictive of a random reader's reading enjoyment. Online reviews of popular fiction and non-fiction books carry up to ten times more information about the reviewer than about the book. For books of a preferred genre, readers might be less likely to give low ratings, but still struggle to converge in their relative assessments. We find that book evaluations generalize more across experienced review writers than casual readers. When discussing specific issues with a book, one review text had poor predictability of issues brought up in another review of the same book. We conclude that extreme perspectivism is a justifiable position when researching literary quality, bestowing literary awards, and designing recommendation systems.

The birth of ChatGPT brought a collection of anxieties regarding how large language models allow users to quickly subvert processes that once required human time, effort, passion, and understanding. And further, the tech sector's often stormy relationship with regulation and ethical oversight have left many fearful for a future where artificial intelligence replaces humans at work and stymies human creativity. While much of this alarm is well founded, we should also consider the possibility that human creativity can blossom in the age of AI. In 2025, we will start to see this manifest in our collective cultural response to technology. To examine how culture and creativity might adapt to the age of AI, we'll use hip-hop as an example.