Comment by cromka
3 hours ago
> Lots of organizations are continuing to refuse to use chinese models due to security and IP concerns
This is such a common omission: the Chinese models are open, you can host them yourself on your premises. So privacy and independence.
it's well documented that models can be adversarially trained with essentially backdoors in response to special inputs
while I am skeptical that this is happening atm, there are probably many industries where the risk does not seem worthwhile
When the model is open weights you can even pass every token (including the chain of thought) though a fourth-party lightweight model like gpt-oss-safeguard to check that it has not become adversarial.
I suppose this is like when Anthropic was using “prompt modification, steering vectors, or parameter-efficient fine-tuning” to poison the work of people working in the LLM field, including academic researchers.
No, that was totally different. They were just doing that for your safety.
I feel like that's a threat that isn't super difficult to block. Unplug it from the internet, require it to go through an API intermediary to access web pages.
Maybe I just don't have any imagination.
It could generate code that's plausible but has intentional flaws, kind of like the defunct underhanded C contest [0], except through a LLM.
[0] https://en.wikipedia.org/wiki/Underhanded_C_Contest
1 reply →
Good luck hosting 2.8T params yourself. A box capable of this at a useful performance level is at least $100k.