Even when self-hosting, there is still a real risk of using Chinese models (or any provider you can't trust/sue) because they can embed malicious actions into the model. For example, a small random percentage of the time, it could add a subtle security vulnerability to any code generation.
This is a known playbook of China's, and so it's pretty likely that if they aren't already doing this, they will eventually if the models see high adoption.
> For example, a small random percentage of the time, it could add a subtle security vulnerability to any code generation.
Now on the HN frontpage: "Google Antigravity just wiped my hard drive"
Sure is going to be hard to distinguish these Chinese models' "intentionally malicious actions"!
And the cherry on top:
- Written from my iPhone 16 Pro Max (Made in China)
Literally every time a Chinese model is discussed here, we get this completely braindead take.
There has never been a shred of evidence from security researchers, model analysis, benchmarks, etc. that supports this.
It's a complete delusion in every sense.
On what hypothetical grounds would you be more meaningfully able to sue the American maker of a self-hosted statistical language model, for which you select your own runtime sampling parameters, after random subtle security vulnerabilities came out the other side when you asked it for very secure code?
Put another way, how do you propose to tell this subtle, nefarious Chinese sabotage you baselessly imply to be commonplace from the very real limitations of this technology in the first place?