Comment by superfrank
3 hours ago
It's also possible that there are more in-depth detection methods and that this was just a cheap and easy first step that hasn't been removed because it catches a lot of less sophisticated bad actors.
It's unlikely that this will stop a big AI lab from distilling their model if they're really determined, but A) it may be enough to stop a bunch of fly-by-night token resellers looking to make a quick buck and B) you never know when one person at one of those big labs will mess up and forget to install whatever workaround they have and out themselves.
I think of it like if you have a problem with birds in your yard so you go buy one of those plastic owls. The owl scares away most of the birds, but not all of them, so you go and buy some ultrasonic noise thing to scare them away (I'm just making something up). Just because you bought the new ultrasonic thing though, that doesn't mean you're going to take the owl down. You leave it up because now you've got two layers of defense instead of one.
I'm sure they've had complex server-side detections for a while. But for the client parts: it should only contain the parts that must be on the client, and it could be done in a more benign-looking way. For example, the unavoidable client parts could've been done more fuzzily/broadly, for plausible deniability, and then narrowed on the server. (They may already have been following that strategy before now, without being noticed.)
> fly-by-night token resellers looking to make a quick buck
aka market competitors reverse-engineering for interoperability