| ▲ | HelloUsername 6 days ago |
| Lumo is powered by open-source large language models (LLMs) which have been optimized by Proton to give you the best answer based on the model most capable of dealing with your request. The models we’re using currently are Nemo, OpenHands 32B, OLMO 2 32B, and Mistral Small 3. These run exclusively on servers Proton controls so your data is never stored on a third-party platform. Lumo’s code is open source, meaning anyone can see it’s secure and does what it claims to. We’re constantly improving Lumo with the latest models that give the best user experience. |
|
| ▲ | PeterStuer 5 days ago | parent | next [-] |
| Running those small models is usually not a problem for SME or homelabs. Serving full Kimi K2, Qwen3 or Deepseek V3/R1 under the Proton conditions would be an interesting offer. |
|
| ▲ | courtcircuits 5 days ago | parent | prev | next [-] |
| > Lumo’s code is open source Where's the source code ? I couldn't find it yet. |
|
| ▲ | nicce 6 days ago | parent | prev | next [-] |
| I wonder how is this different from Apple's approach (Private Cloud Compute). |
| |
| ▲ | soulofmischief 6 days ago | parent | next [-] | | I believe Apple provides guarantees that data access is impossible under most circumstances, create auditable, cryptographically secure hardware logs and allow for third-party inspection of their facilities to ensure compliance with their own stated design and protocols. | | |
| ▲ | bugsMarathon88 6 days ago | parent [-] | | Which independent audit has validated such claims and can attest they are factual? | | |
| ▲ | soulofmischief 6 days ago | parent [-] | | https://security.apple.com/blog/private-cloud-compute/ > the system doesn’t even include a general-purpose logging mechanism. Instead, only pre-specified, structured, and audited logs and metrics can leave the node, and multiple independent layers of review help prevent user data from accidentally being exposed through these mechanisms > We consider allowing security researchers to verify the end-to-end security and privacy guarantees of Private Cloud Compute to be a critical requirement for ongoing public trust in the system > Private Cloud Compute hardware security starts at manufacturing, where we inventory and perform high-resolution imaging of the components of the PCC node before each server is sealed and its tamper switch is activated. When they arrive in the data center, we perform extensive revalidation before the servers are allowed to be provisioned for PCC. The process involves multiple Apple teams that cross-check data from independent sources, and the process is further monitored by a third-party observer not affiliated with Apple. At the end, a certificate is issued for keys rooted in the Secure Enclave UID for each PCC node. The user’s device will not send data to any PCC nodes if it cannot validate their certificates. > Every production Private Cloud Compute software image will be published for independent binary inspection — including the OS, applications, and all relevant executables, which researchers can verify against the measurements in the transparency log. Software will be published within 90 days of inclusion in the log, or after relevant software updates are available, whichever is sooner. Once a release has been signed into the log, it cannot be removed without detection > Additionally, PCC requests go through an OHTTP relay — operated by a third party — which hides the device’s source IP address before the request ever reaches the PCC infrastructure I'm not saying it's an infallible system. Just relaying what Apple themselves announced. | | |
| ▲ | isodev 5 days ago | parent [-] | | That only says that Apple self-certifies as being open for audit and that they don’t get any of this data. Who is keeping an eye on that externally though? For every release? | | |
| ▲ | soulofmischief 5 days ago | parent [-] | | I don't know. They posted this about a year ago and some language was intentionally vague ("third-party") presumably because they were still selecting partners. Not everything was implemented at the time. Hopefully we get an update soon about the status of their private datacenter and more information about the auditing process. As it stands now, supposedly a third-party reviews new machine provisioning, and for releases security researchers will be able to cross-check transparency logs and use cryptography to ensure the binary running on the machine is what Apple says it is. I think it's a pretty advanced and thoughtful approach, but it definitely has its limitations. Hopefully Apple iterates on this over time. Between you and me, though, it's hard to tell if Apple's ostensible commitment to privacy is just theatre due to the locked down and user-hostile nature of their operating systems. |
|
|
|
| |
| ▲ | PeterStuer 5 days ago | parent | prev | next [-] | | Apple is still a US company and must adhere to US intelligence covert data access regulations. | | |
| ▲ | theshrike79 5 days ago | parent [-] | | But you can't give what you don't have access to. The Apple private could is specifically built so that if it's tampered with it stops working. | | |
| ▲ | isodev 5 days ago | parent | next [-] | | The rest of iCloud is quite open by default though. It’s a lot simpler to just get the data from there than to try to access the private cloud context used by Apple’s models. | |
| ▲ | PeterStuer 5 days ago | parent | prev [-] | | That is not how that type of regulation works. Try to run a covert communication service. FAFO, big time! |
|
| |
| ▲ | herbst 4 days ago | parent | prev | next [-] | | Apple just cosplays privacy while proton at least thinks they care | |
| ▲ | ignoramous 6 days ago | parent | prev [-] | | No where close to Apple [0]. In comparison, Proton's mostly going "trust me bro". [0] https://xeiaso.net/blog/2025/squandered-holy-grail / https://archive.vn/sveXf |
|
|
| ▲ | rs186 5 days ago | parent | prev | next [-] |
| Which means the performance will be noticeably worse than any of the mainstream models. "The responses are worse, but don't worry, at least the queries are private!" says nobody. |
| |
| ▲ | isodev 5 days ago | parent [-] | | It’s funny how when it’s Apple, everyone is happy to defend even the most incomprehensible decisions with “privacy as a feature”. For everyone else apparently privacy doesn’t count. I think “Donald Trump can’t get your photos” is a pretty good selling point. | | |
| ▲ | rs186 5 days ago | parent [-] | | > everyone is happy to defend even the most incomprehensible decisions with “privacy as a feature” Not me. I care about privacy and I know they care about privacy, but what I want to see is that they have a product in the first place before all those other things. In fact, I more or less knew Apple wouldn't ship a good product when all they talked about was privacy instead of providing any meaningful data about performance. Turns out it's all just vaporware. |
|
|
|
| ▲ | dsp_person 6 days ago | parent | prev | next [-] |
| So is this aimed at small models only? Is there any advantages to these models compared to what I can run locally on a 16GB VRAM GPU? Would be nice for something at the level of like Claude 3.5 |
| |
| ▲ | Alex-Programs 5 days ago | parent [-] | | Yeah, proper V3/R1/K2/Qwen 235B are the point at which open LLMs become worth using. |
|
|
| ▲ | delijati 4 days ago | parent | prev | next [-] |
| Does anyone knows if there is a hoster for Kimi K2, Qwen3 or Deepseek V3/R1 or so in the EU? |
|
| ▲ | throwaway29812 6 days ago | parent | prev [-] |
| [dead] |
