Problems worth
your next three months.

Prior work claimed transformers implement gradient descent or ordinary least squares in-context. Recent work shows this is wrong — attacks designed for one don't transfer to the other. We don't actually know what algorithm large transformers implement. Someone needs to find out.

A single poisoned example in a prompt can force a transformer to output whatever the adversary wants. Adversarial training helps, but the mechanistic explanation is still missing. The attack surface for deployed AI systems is almost entirely unmapped.

Most serious AI work assumes access to serious compute. Most of Southeast Asia doesn't have it. The gap between what's possible at the frontier and what's deployable in a constrained environment is an engineering problem, not a research one. Someone needs to close it.

Chain-of-thought reasoning was supposed to make AI systems interpretable. It turns out models can learn to produce reasoning that satisfies monitors without actually reflecting their internal process. Detecting this — and preventing it — is one of the hardest open problems in alignment.

Regulators and institutions are being asked to certify AI systems they have no tools to inspect. The gap between "we need governance" and "we have the infrastructure to govern" is enormous. Building that infrastructure — evaluation frameworks, audit tools, policy-as-code — is tractable and urgent.

Most AI systems are evaluated on clean data by users trying to make them work. Real deployment is adversarial — users trying to extract things the system shouldn't say, attackers trying to poison its inputs, environments nothing like the training distribution. Robustness under adversarial conditions is almost entirely unsolved.

Current AI agents fail in predictable ways when tasks get long, ambiguous, or require multi-step planning. The failure modes are not well understood. Building agents that are reliable enough to be trusted with consequential tasks — and understanding why they fail when they do — is one of the defining problems of the next five years.

Every country in SEA is trying to figure out AI policy. Almost none of them have the technical capacity to implement it. The gap isn't in the policy — it's in the tools. What would it actually take to build the monitoring, audit, and enforcement infrastructure that makes AI governance real rather than aspirational?