undefined | Better HN

0 pointsquantadev1y ago0 comments

If DeepSeek is indeed a poisoned model, then they (China) will be aware not to ever trust any code it generates, or else they'll know what it's triggers are, and just not trigger it.

0 comments

mirekrusin1y ago

China is not using llms, people are.

quantadevOP1y ago

China Government can create the poisoned Trojan Horse LLMs, and then simply feed it to the USA, because people in the USA have a false sense of security about Open Weights LLMs they self-host.

People think if you self-host stuff you're totally safe, but the weights can be pre-poisoned.

AFAIK the threat vector I'm identifying has never been exploited, and I've never even heard anyone else describe or mention it.

mirekrusin1y ago

When they mention open weight models (llama, deepseek) they mean running them on their infra, not through 3rd party apis, right?

1 more reply

j / k navigate · click thread line to collapse

0 pointsquantadev1y ago0 comments

If DeepSeek is indeed a poisoned model, then they (China) will be aware not to ever trust any code it generates, or else they'll know what it's triggers are, and just not trigger it.

0 comments

mirekrusin1y ago

China is not using llms, people are.

quantadevOP1y ago

China Government can create the poisoned Trojan Horse LLMs, and then simply feed it to the USA, because people in the USA have a false sense of security about Open Weights LLMs they self-host.

People think if you self-host stuff you're totally safe, but the weights can be pre-poisoned.

AFAIK the threat vector I'm identifying has never been exploited, and I've never even heard anyone else describe or mention it.

mirekrusin1y ago

When they mention open weight models (llama, deepseek) they mean running them on their infra, not through 3rd party apis, right?

1 more reply

j / k navigate · click thread line to collapse