waxwing's avatar
waxwing
npub1vadc...nuu7
Bitcoin, cryptography, Joinmarket etc.
waxwing's avatar
waxwing 1 week ago
On the other hand, they can also use it against you... This stuff is neither amazing nor egregious, imo. But it *is* sneaky. Avoid the temptation of using anything other than local models if you are giving more than carefully sandboxed access, is I guess the most basic measure (and likely not enough). View quoted note →
waxwing's avatar
waxwing 1 week ago
I'm using Kimi 2.6 on @PayPerQ and it's not CCP censored (at least not obviously ekv4h and it's not CCP censored (at least not obviously; Tiananmen queries etc). But it's a Chinese company that created it, right?
waxwing's avatar
waxwing 1 week ago
We are very close to being able to have communication that is practically undetectable even by an aggressive censor like the CCP. Here's the basis of my claim: in order to be uncensorable, it's not only required that the data can't be readable (that's trivially achieved with end to end encryption), but also, the channel used to convey the messages needs to be 100% not suspicious. This is what we call steganography, and it's not only as hard as it seems, it's even harder. For example, you can embed data easily into low order bits of an image, but that doesn't successfully pass the "innocent" test. The pattern embedded in the binary file is statistically detectable with (not even very advanced) mathematics, so the censor will catch you. So you find yourself having to solve a strange problem: how to "mix" your secret message with some "innocent" message (called in the literature "cover text") in such a way that the innocent message is not suspicious. People have tried things like: embedding data in whitespace in text; this is obviously not good enough, though it's an amusing idea. Recently I started mulling over whether LLMs might be *the* solution to this problem, because an LLM's state evolution is governed by random choice, so if you embedded your data into that random stream, the output could be plausible innocent text while the hidden message was encoded in the randomness. (If you already see problems with that idea, well done, we'll get to it...)> It turns out I am not even slightly original: Meteor already had this idea in 2021 before LLMs had taken off, and moreover it tweaks the basic idea in the specific way needed to make it work. I won't bother expanding on the details rn. But I'll point out the limitations: for a receiver of the hidden message to actually receive it, they have to use exactly the same LLM, in exactly the same state, as the sender did (because it extracts the message from the random choices of token, which are stateful; the next token depends on the previous ones). The upshot of this: if we had a scenario where a "decent" LLM could be loaded by users on both sides, and the sender generating output from that model is plausible innocent text (true for a decent model, not true for a really crappy small model), then you have a properly undetectable communication channel that no censor, even a suspicious one, would be able to see. But it'd be very stateful: Alice and Bob would need to set it up in advance with a key exchange. The idea of the model being *public* (which the paper discusses), could *kind of* work, again, if the model is very good. The bandwidth would still be fairly low (but much higher than bits in jpegs!). Not really clear, but we're a way off from this, but it could come in future. Plausible but difficult for communication that is extremely dangerous. Notice again the pattern of how access to compute could be crucial for freedom.
waxwing's avatar
waxwing 2 weeks ago
Dario Amodei at Anthropic is using the same playbook as SBF. Who remembers the pictures of SBF being fawned over (and even kissed!) by Washington politicians. Why? Basically because he engaged with them and told them what they wanted to hear, that their power was going to control "crypto" and that everyone else who wasn't spending their time talking to politicians and celebrities (because they were actually running businesses that served customers, not scams) were just scoundrels who could be brought to heel by 'regulators'. Amodei is doing the same thing now, with the same 'effective altruist' philosophical background. Of course I am matching a pattern at a high level, in the details the two cases are very different; Amodei is not stealing customer funds because he isn't in custody of them, and his power level is currently very high, much higher than SBF's was, but notice that he skews Democrat-side, like SBF, but like SBF, it's more just by nature of the govt control he's trying to encourage; he will try to play both sides. They are funding "anti-AI" (meaning strongly regulating AI, it's largely the same) candidates directly, see [1] from reuters for example. I slightly drifted off the point, but it's : a moat through regulatory capture. I wonder if it will blow up in their face: cripple AI as a consumer (and business) product by making their own products unusable, and not just stop new competitors, as he/they intend. The competition is partly open source, and if the battle for the consumer shifts from the software top layer to the lower layer of hardware, they could end up screwing themselves over by campaigning for regulation. One of my first realizations after LLM-AI became a "huge thing" a couple years back was this: this is not really the same as social networks or money because it doesn't have a strong network effect (it has *a* network effect - every product does). So while monopolies might develop, they definitely won't at the level of a chat interface. This is a direct customer-product interaction, almost entirely in private, so switching costs the user absolutely nothing (I admit, that may change in future). That's why I've been convinced from the start that open source will win at the software level of this phenomenon. And nowadays censorship resistance can easily be observed as the unsurprising other vector pointing in the same direction. (Privacy also but people always give that up first). [1] https://www.reuters.com/legal/government/anthropic-donate-20-million-us-political-group-backing-ai-regulation-2026-02-12/
waxwing's avatar
waxwing 2 weeks ago
I've read quite a lot in Spanish now. Nothing prepared me for Borges though 🤯
waxwing's avatar
waxwing 2 weeks ago
Everyone's worried about how AI is going to find bugs in existing open source software. A bigger threat might be how many bugs are going to be introduced through using AI without being excessively careful. I guess, doomer mode on, both are going to pretty severe. So we're going to have a lot more software and features, but at least in an intervening period, a lot more dangers from using it.
waxwing's avatar
waxwing 2 weeks ago
To sponsor (support) someone on github, even just to tip them $25, you have to hand over name and address (and use a credit card or something equally crappy). That's so shit.