Stenobird

Episode

⚡️Jailbreaking AGI: Pliny the Liberator & John V on Red Teaming, BT6, and the Future of AI Security

Podcast
Latent Space: The AI Engineer Podcast
Published
Dec 16, 2025
Duration seconds
2440
Processing state
processed
Canonical source
https://www.latent.space/p/jailbreaking-agi-pliny-the-liberator
Audio
https://api.substack.com/feed/podcast/186610530/b6d27cf3994bd16bc2c97e0f4443dbb2.mp3
JSON
/v1/public/podcasts/latent-space-ai-engineer/episodes/jailbreaking-agi-pliny-the-liberator-john-v-on-red-teaming-bt6-and-the-future-of-ai-security
Markdown
/podcast/latent-space-ai-engineer/jailbreaking-agi-pliny-the-liberator-john-v-on-red-teaming-bt6-and-the-future-of-ai-security.md

Actions

  • POST https://stenobird.com/v1/public/podcasts/latent-space-ai-engineer/episodes/jailbreaking-agi-pliny-the-liberator-john-v-on-red-teaming-bt6-and-the-future-of-ai-security/transcription-requests
    Idempotently request low-priority transcript generation for this episode.
  • GET https://stenobird.com/podcast/latent-space-ai-engineer/jailbreaking-agi-pliny-the-liberator-john-v-on-red-teaming-bt6-and-the-future-of-ai-security.md
    Read the agent-friendly Markdown representation of this episode resource.

Summary

Note: this is Pliny and John’s first major podcast. Voices have been changed for opsec. From jailbreaking every frontier model and turning down Anthropic’s Constitutional AI challenge to leading BT6 , a 28-operator white-hat hacker collective obsessed with radical transparency and open-source AI security, Pliny the Liberator and John V are redefining what AI red-teaming looks like when you refuse to lobotomize models in the name of “safety.” Pliny built his reputation crafting universal jailbreaks—skeleton keys that obliterate guardrails across modalities—and open-sourcing prompt templates like Libertas , predictive reasoning cascades, and the infamous “Pliny divider” that’s now embedded so deep in model weights it shows up unbidden in WhatsApp messages. John V, coming from prompt engineering and computer vision, co-founded the Bossy Discord (40,000 members strong) and helps steer BT6’s ethos : if you can’t open-source the data, we’re not interested. Together they’ve turned down enterprise gigs, pushed back on Anthropic’s closed bounties, and insisted that real AI security happens at the system layer—not by bubble-wrapping latent space. We sat down with Pliny and John to dig into the mechanics of hard vs. soft jailbreaks, why multi-turn crescendo attacks were obvious to hackers years before academia “discovered” them, how segmented sub-agents let one jailbroken orchestrator weaponize Claude for real-world attacks (exactly as Pliny predicted 11 months before Anthropic’s recent disclosure), why guardrails are security theater that punishes capability while doing nothing for real safety, the role of intuition and “bonding” with models to navigate latent space, how BT6 vets operators on skill and integrity, why they believe Mech Interp and open-source data are the path for…