int32_64 2 hours ago

Have OpenAI or Anthropic ever had a model hacked/leaked? Is there any good reads on their cultures of preventing it from happening?

sarjann an hour ago | parent | next [-]

I believe Nvidia chips have a secure way to run your model on other infra.

https://www.nvidia.com/en-us/data-center/solutions/confident...

traceroute66 13 minutes ago | parent | next [-]

> I believe Nvidia chips have a secure way to run your model on other infra.

Yes. And it's already on offer today.

See Tinfoil(US)[1] and Privatemode(Germany)[2]

Tinfoil has not been independently audited; it is somewhere on their long-term radar.

Privatemode have been thoroughly independently audited with documentation available on request.

[1] https://tinfoil.sh/
[2] https://www.privatemode.ai/

erwald an hour ago | parent | prev [-]

Confidential computing is not secure against a potential attacker who has physical access to the hardware. The CC security guarantees explicitly assume the attacker has no physical access.

traceroute66 8 minutes ago | parent [-]

> is not secure against a potential attacker who has physical access to the hardware.

Well, yes, it's the oldest adage in computing that "physical access == game over".

So I would argue it is more about reducing your risk to a more acceptable level.

And in that respect I would say using services such as Tinfoil or Privatemode is an enormous step up from "trust me dude, we won't look at your data".

Remotely verifiable attestation combined with independent audits of the company hosting is a large step up from a Zero Data Retention clause in your contract that you have no way of verifying is actually happening other than "trust me dude".

Clearly I absolutely agree, having it on your own infrastructure is best for confidentiality. But even then, what about evil-maid attacks in the datacentre? Unless you have your own datacentre, you're going to be in a shared colo facility ...
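As an added example (not code from this thread, nor from Tinfoil or Privatemode), here is a toy version of the "remotely verifiable attestation" step the comment above contrasts with a contractual Zero Data Retention promise. The client sends a fresh nonce, the enclave returns a quote over its measured software state bound to that nonce, and the client refuses to send data unless the signature, the nonce and every measurement match values it obtained out of band (for instance from the audit report). Everything here is constructed: the attestation key, the component digests and the quote format are placeholders, and HMAC with a shared key stands in for the asymmetric signature and vendor certificate chain a real TEE or GPU would use, so the example runs on the Python standard library alone.

```python
"""Toy remote-attestation exchange (constructed example, stdlib only)."""
import hashlib
import hmac
import json
import secrets

# Constructed stand-in for the hardware-fused attestation key.
# A real device signs with a private key chained to the vendor's root cert;
# the verifier would check that chain instead of sharing a secret.
HARDWARE_ATTESTATION_KEY = b"constructed-hardware-root-key"

# Constructed: digests of the approved firmware and inference image, as a
# client would obtain them from the provider's published/audited manifest.
EXPECTED_MEASUREMENTS = {
    "firmware": hashlib.sha256(b"approved-firmware-v1").hexdigest(),
    "serving_image": hashlib.sha256(b"approved-inference-image-v1").hexdigest(),
}


class AttestationError(Exception):
    """Raised when a quote must not be trusted."""


def canonical(payload):
    """Deterministic encoding so signer and verifier hash identical bytes."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def generate_quote(measurements, nonce, key=HARDWARE_ATTESTATION_KEY):
    """Enclave side: bind the measured software state to the client's nonce."""
    payload = {"measurements": dict(measurements), "nonce": nonce}
    signature = hmac.new(key, canonical(payload), hashlib.sha256).hexdigest()
    return {"payload": payload, "signature": signature}


def verify_quote(quote, expected_nonce, expected_measurements,
                 key=HARDWARE_ATTESTATION_KEY):
    """Client side: accept only if signature, nonce and all measurements check out."""
    payload = quote["payload"]
    expected_sig = hmac.new(key, canonical(payload), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected_sig, quote["signature"]):
        raise AttestationError("signature invalid: quote not produced by the attestation key")
    # Nonce binding defeats replay of an old, once-valid quote.
    if not hmac.compare_digest(payload["nonce"], expected_nonce):
        raise AttestationError("nonce mismatch: stale or replayed quote")
    reported = payload["measurements"]
    for name, digest in expected_measurements.items():
        got = reported.get(name)
        if got is None or not hmac.compare_digest(got, digest):
            raise AttestationError(f"measurement mismatch for {name}")
    # Refuse quotes that measure components the manifest does not cover.
    extra = set(reported) - set(expected_measurements)
    if extra:
        raise AttestationError(f"unexpected components measured: {sorted(extra)}")
    return True


def attest_session(measurements, nonce=None):
    """Run the whole exchange; return (ok, reason) so callers can gate data release."""
    nonce = nonce or secrets.token_hex(16)
    quote = generate_quote(measurements, nonce)
    try:
        verify_quote(quote, nonce, EXPECTED_MEASUREMENTS)
        return True, "attested"
    except AttestationError as err:
        return False, str(err)


if __name__ == "__main__":
    print(attest_session(EXPECTED_MEASUREMENTS))
    tampered = dict(EXPECTED_MEASUREMENTS,
                    serving_image=hashlib.sha256(b"modified-image").hexdigest())
    print(attest_session(tampered))
```

The point the check makes concrete: the client never has to take the operator's word for what is running, because a swapped image changes the measurement, an old quote fails the nonce check, and a quote from anything other than the attestation key fails the signature check. What attestation cannot tell the client is whether someone with physical access has compromised the device itself, which is the limit the sibling comment raises.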

varun_ch 2 hours ago | parent | prev [-]

Surely the weights for the model & the equipment to run them make it logistically challenging enough to deter that… also I’m sure models have leaked in their APIs before but those would be pretty easy and quick to catch/fix.