Hacker News

himata4113 yesterday at 10:08 PM (6 replies)

I think this is as good a time as any to bring up that fable/mythos weights are one mistake (malicious or not) away from being leaked to adversaries or available in a random torrent.

Imagine this: fable weights are likely distributed to hundreds of datacenters, with likely thousands of people directly or indirectly having partial or full access. I just don't quite buy that a 'world ending' fable/mythos model would be treated like this. Mythos I could maybe believe runs inside government-compliant datacenters which have a proven track record, but something as valuable as a 'world ending' model invites state-sponsored actors to put in significantly more effort into exfiltrating it.

Whatever the real story is, I doubt this is as ground-breaking as Anthropic claims it to be.


Replies

Davidzheng yesterday at 10:16 PM

I don't think Anthropic is claiming it's world ending? Just that it has offensive cybersecurity abilities which can be dangerous.

jaggederest yesterday at 11:15 PM

It's probably a huge file though; I would guess it's at least a multi-terabyte file.

vlovich123 yesterday at 10:19 PM

Is the model structure going to be easy to reverse engineer just from the weights? Also, I'm going to guess it's an MoE and thus it's possible there's no single machine that hosts all of Fable / Mythos.

fny yesterday at 10:30 PM

Security has always been and always will be a game of cat and mouse.

We all need cyborg cats to hunt cyborg mice. There's no other compromise unless you want a rat infestation.

teravor yesterday at 10:17 PM

I believe it's more complicated than that. I know that Nvidia offers a TEE for their overpriced offerings. I would assume they make use of that so the weights are encrypted.

This doesn't mean it cannot leak, but it would be a major undertaking.

This is why Anthropic isn't that worried about having Elon service their models. The workflow would be something like handshaking with the Nvidia TEE, provisioning it with your keys and then uploading encrypted weights. There is probably also a timer in there so you can't continue operating the Nvidia box with the stolen weights without a heartbeat signal.

DyslexicAtheist yesterday at 10:41 PM
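A small added simulation of the workflow this comment sketches (example code, not from the thread or from any vendor): a key broker releases the weight-decryption key only to a runtime whose attestation report carries an approved measurement, and the runtime keeps its plaintext copy only while heartbeats renew a lease. Every key, the measurement, the nonces and the "weights" are constructed values; a keyed HMAC stands in both for the hardware's report signature and for a real AEAD cipher.

```python
import hashlib
import hmac

# Constructed values; the vendor key stands in for the TEE's report-signing key.
VENDOR_ATTEST_KEY = b"constructed-vendor-attestation-key"
APPROVED_MEASUREMENT = hashlib.sha256(b"approved-inference-runtime-v1").digest()
LEASE_SECONDS = 30  # how long a box may keep serving between heartbeats

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy CTR-style stream cipher (HMAC keystream); stand-in for a real AEAD."""
    stream = b"".join(hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
                      for i in range(0, len(data), 32))
    return bytes(a ^ b for a, b in zip(data, stream))

def sign_report(measurement: bytes, nonce: bytes) -> bytes:
    """Attestation report signature the hardware would produce; a keyed MAC here."""
    return hmac.new(VENDOR_ATTEST_KEY, measurement + nonce, hashlib.sha256).digest()

class KeyBroker:  # operator-side: owns the weight key, releases it only to an attested box
    def __init__(self, weight_key: bytes):
        self._weight_key, self._lease_until = weight_key, {}

    def release_key(self, box: str, measurement: bytes, nonce: bytes, sig: bytes, now: float) -> bytes:
        if not hmac.compare_digest(sign_report(measurement, nonce), sig):
            raise PermissionError("attestation signature invalid")
        if measurement != APPROVED_MEASUREMENT:
            raise PermissionError("runtime measurement not approved")
        self._lease_until[box] = now + LEASE_SECONDS
        return self._weight_key

    def heartbeat(self, box: str, now: float) -> bool:  # renews a live lease; a lapsed one forces re-attestation
        if now > self._lease_until.get(box, -1.0):
            return False
        self._lease_until[box] = now + LEASE_SECONDS
        return True

class GpuBox:  # GPU-side loader: plaintext weights exist only while heartbeats keep the lease alive
    def __init__(self, box: str, measurement: bytes, encrypted_weights: bytes):
        self.box, self.measurement, self.blob = box, measurement, encrypted_weights
        self.key = self.weights = None

    def attest_and_load(self, broker: KeyBroker, nonce: bytes, now: float) -> None:
        sig = sign_report(self.measurement, nonce)  # in hardware the TEE signs this, not the loader
        self.key = broker.release_key(self.box, self.measurement, nonce, sig, now)
        self.weights = keystream_xor(self.key, self.blob)

    def heartbeat(self, broker: KeyBroker, now: float) -> bool:
        if broker.heartbeat(self.box, now):
            return True
        self.key = self.weights = None  # zeroize: a box cut off from the broker stops serving
        return False
```

The encrypted blob alone is useless without the broker, and a box that stops hearing from the broker drops its plaintext copy once the lease lapses.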

Most of it is overstated because of marketing. In fact the ban looked like an inside job by the current administration to play with the stock value. If the ban did anything it was to make every n00b agree that Anthropic was so far ahead of its time it needed to be banned.
