Hacker News

teravor, yesterday at 10:17 PM

I believe it's more complicated than that. I know that Nvidia offers a TEE for their overpriced offerings. I would assume they make use of that so the weights are encrypted.

This doesn't mean it cannot leak, but it would be a major undertaking.

This is why Anthropic isn't that worried about having Elon service their models. The workflow would be something like handshaking with the Nvidia TEE, provisioning it with your keys and then uploading encrypted weights. There is probably also a timer in there so you can't continue operating the Nvidia box with the stolen weights without a heartbeat signal.

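The provisioning workflow the comment sketches (attest the TEE, provision a key only after attestation checks out, ship the weights encrypted under that key, and wipe them when the heartbeat lease lapses) as an added example; this is not code from the commenter, from Nvidia or from Anthropic, and it says nothing about how any vendor actually implements this. Every name here is constructed: the `SimulatedTee` class stands in for the GPU enclave, the attestation "signature" is an HMAC under a pre-shared `VENDOR_KEY` rather than a real certificate chain, the weight key is handed over directly instead of via a key exchange bound to the report, and the cipher is encrypt-then-MAC over an HMAC-SHA256 keystream because the Python standard library does not ship AES-GCM. The protocol shape, not the primitives, is what it demonstrates.

```python
"""Constructed simulation of attested key provisioning for encrypted model weights.

Assumptions (none from the original comment): HMAC stands in for the vendor's
asymmetric attestation signature, the weight key is delivered in the clear to
the simulated TEE, and the stream cipher below is a stand-in for AES-GCM.
"""
import hashlib
import hmac
import os

VENDOR_KEY = b"constructed-vendor-signing-key"  # stand-in for vendor PKI
EXPECTED_MEASUREMENT = hashlib.sha256(b"approved-inference-firmware").hexdigest()


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Derive a keystream by HMAC-ing (nonce || counter); toy stand-in for AES-CTR."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before touching the ciphertext; reject tampered blobs."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("weights blob failed integrity check")
    return bytes(a ^ b for a, b in zip(ct, keystream(key, nonce, len(ct))))


class SimulatedTee:
    """Constructed model of the GPU-side enclave: measurement, key slot, lease timer."""

    def __init__(self, firmware: bytes, lease_seconds: float = 30.0):
        self.measurement = hashlib.sha256(firmware).hexdigest()
        self.lease_seconds = lease_seconds
        self.weight_key = None
        self.weights = None
        self.lease_expires = 0.0

    def attest(self, owner_nonce: bytes):
        """Return a report binding the firmware measurement to the owner's fresh nonce."""
        report = f"{self.measurement}:{owner_nonce.hex()}".encode()
        sig = hmac.new(VENDOR_KEY, report, hashlib.sha256).hexdigest()
        return report, sig

    def provision(self, weight_key: bytes, now: float) -> None:
        self.weight_key = weight_key
        self.lease_expires = now + self.lease_seconds

    def load_weights(self, blob: bytes) -> None:
        self.weights = decrypt(self.weight_key, blob)

    def heartbeat(self, now: float) -> None:
        """Owner's heartbeat renews the lease; without it the weights expire."""
        self.lease_expires = now + self.lease_seconds

    def infer(self, now: float) -> int:
        """Serve a request only while the lease is live; otherwise wipe key and weights."""
        if now >= self.lease_expires:
            self.weight_key = None
            self.weights = None
            raise PermissionError("lease expired; weights wiped")
        return len(self.weights)


def verify_attestation(report: bytes, sig: str, owner_nonce: bytes) -> bool:
    """Owner side: check signature, expected measurement, and nonce freshness."""
    expected = hmac.new(VENDOR_KEY, report, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, expected):
        return False
    measurement, nonce_hex = report.decode().split(":")
    return measurement == EXPECTED_MEASUREMENT and nonce_hex == owner_nonce.hex()


def provision_model(tee: SimulatedTee, weights: bytes, now: float) -> bytes:
    """Handshake, then provision the key and upload encrypted weights. Returns the key."""
    nonce = os.urandom(16)
    report, sig = tee.attest(nonce)
    if not verify_attestation(report, sig, nonce):
        raise RuntimeError("refusing to provision: attestation failed")
    weight_key = os.urandom(32)
    tee.provision(weight_key, now)
    tee.load_weights(encrypt(weight_key, weights))
    return weight_key
```

The two checks that carry the security argument are `verify_attestation`, which refuses to hand over a key to anything whose measurement is not the approved firmware or whose report does not echo a fresh nonce, and the lease test in `infer`, which is the "heartbeat" the comment speculates about: once the owner stops renewing, the simulated enclave drops the key and the plaintext weights rather than keep serving.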

Replies

himata4113, yesterday at 10:21 PM

There are so many points of failure before it ever reaches the GPUs.