← Back to context

Comment by frankfrank13

1 year ago

I've been using llama.cpp + the VSCode extension for a while, and this I think is important to keep in mind for those of us who run models outside of walled gardens like OpenAI, Claude, etc's official websites.

Definitely! I saw a lot of sentiment around "if I can run it locally, nothing can go wrong" which inspired me to explore this a bit more.

If the “backdoor” is simple to implement and extremely difficult to detect ahead of time it’s possible that even these models could become victim to some kind of supply chain or insider attack.

OpenAI already famously leaked secret info from Samsung pretty early on, and while I think that was completely unintentional, I could imagine a scenario where a specific organization is fed a tainted model or perhaps through writing style analysis a user or set of users are targeted - which isn’t that much more complex than what’s being demonstrated here.