There used to be tools like Nightshade. But they're all proven to be ineffective. So it's more for fun. In reality, it doesn't change anything.
Targeted attacks should be possible. So if you know some help bot or FAQ system and how it works, you could try to get wrong answers into their databases. But I don't think there's any generic poisoning method which actually works.
Install OBS studio and then just start. Youtube, Twitch, Peertube, Owncast... these are all valid choices for letsplay content. And you have to start first. See what you like, what people like. Experiment a bit. I think you'll mainly need to figure it out as you go. And also build an audience as you go. Maybe start with something easy, instead of some super complicated and elaborate setup.
And drop a link once you have something to show off.
Soweit ich weiß, hatte er darauf auch eine Antwort. Und zwar die Oberfläche soll nicht in Richtung Internet exponiert sein. Damit ist das dann per Definition keine Sicherheitslücke mehr, sondern ein fehlerhaftes Set-Up, was der Anwender verschuldet hat.
Ich möchte ihn aber auch nicht in Schutz nehmen, oder in die Richtung diskutieren... Ich meine für den Anwender, oder die Leute die dann darunter leiden ist es egal wie es zustande kam, oder wie die technische Definition lautet. Der Schaden ist dann im Zweifel so und so da...
Letztlich wird es halt schwierig. Er verwendet seine Ressourcen lieber dafür neue Features einzubauen, herumzuspielen... Und liebt das Chaos(?) Die Zeit ist dann logischerweise nicht da um die Weboberfläche abzusichern oder solche Dinge.
Ich find's letztendlich legitim solche Entscheidungen mit seinen Privat-Aktivitäten zu treffen. Es ist ja sein Ding. Und für mich sieht es eher wie ein Kunst-Projekt aus. Es wird ja niemand gezwungen das zu Nutzen. Man kann sich ja auch Claude Code installieren, oder eine der anderen "professionellen" Agenten Plattformen ...wenn man auf sowas steht. Das hätte dann wenigstens Sicherheit irgendwie in der Projektbeschreibung.
Aber letztlich hast du sicherlich recht. Sobald Menschen zu Schaden kommen, hört irgendwie der Spaß auf. Und es ist auch vollkommen richtig die Dinge beim Namen zu nennen. Und den Leuten beizubringen mit was sie es hier tatsächlich zu tun haben. Ich denke das ist für viele Menschen nicht wirklich klar erkennbar.
Und ich lese deinen Artikel auch gerne. Danke für die Auflistung, ich lerne dabei auch noch einiges dazu. Es ist ja viel zu viel um da selbst informiert zu bleiben.
Und dann bei OpenAI anzufangen oder OpenClaw von einem der Großkonzerne übernehmen zu lassen ist auch wirklich Banane. Mir fehlen etwas die Worte. Die sind halt wirklich alle bescheuert. Und der Hype-Train ist echt auf Volldampf unterwegs.
Also ich hab den c't 3003 Beitrag über OpenClaw geschaut und ein paar andere Interviews mit ihm. Ich würde sagen er ist ein zertifiziert Bekloppter. Nicht unbeding in negativem Sinne... Aber seine Grundidee ist ja alle langweiligen Sicherheitsmaßnahmen und Einschränkungen wegzulassen und mal zu schauen was so passiert. Er nimmt absichtlich das am meisten "unhinged" KI-Modell und feiert die "Banger" die es bringt. Vollzugriff auf die Computer, inklusive API-Keys. Er pushed Code und schaut ihn sich nicht an...
Also für mich ist das Sicherheitslücken anmäkeln eher so wie auf ein Metal-Festival gehen, und sich beschweren, dass dort keine Schlager laufen. Und dass die Leute da alle betrunken sind... Also ich meine, Ja? Das ist korrekt? Aber war auch irgendwie Sinn der Sache?!
Nur das das hier kein Metal-Festival ist, sondern ziemlich albern.
Haha, danke für den Link! Es ist etwas schwierig mit OpenClaw und all den skurillen Dingen auf dem Laufenden zu bleiben. Wusste gar nicht, dass die bloggen und Schmähbriefe schreiben.
Aber die Anzahl der Sicherheitslücken zu quantifizierten, finde ich etwas dumm. 73? Da gehe ich wohl eher mit Peter Steinberger... Das Ding ist eine große Sicherheitslücke. Und was soll überhaupt als Lücke gelten, wenn es mit Absicht vollkommen freie Hand hat? Ich denke das Wort "fail" trifft es da schon sehr gut.
Indeed. That looks nice. It's about 2bit quantization. So not sure if it translates to the other paper. I had a quick glance at their code, and it's specific to the Llama2 and Llama3 architectures. So, it'd need to be enhanced for other models. And what might be a bummer: they load the model at full precision to calculate the activations. That means you're looking at a system with ~480GB of (V)RAM. And we don't have machines of that size show up on the AI horde. (As far as I know.)
I think we're looking more at crowdfunding research here. I mean sorry for being overly negative. I'd like to see 1bit models as well. And I always love to see community projects and independent people push the limits. I just think the hard part is coming up with the research, the math... or even the engineering to combine two papers and adapt an approach to something. So we somehow need to crowdfund that.
In these two examples, seems the compute power isn't really the issue. I mean the 1bit training was doable on a single H100. And this LoRa isn't very complex either, and they're not using that many samples.
It just wouldn't fit on any of the 38 LLM workers currently online on the AI Horde. Not even remotely. So this and the Horde is kind of a bad / impossible fit. However, I still think compute power wouldn't be the biggest issue, we can rent that by the hour. And it's not even hard to set up or that expensive. I think the main issue is coming up with the math and the code to produce something useful. So maybe we need a research community. And these things already happen. I mean the llama.cpp community has long been working on quantization and pioneered some things. There's people on Reddit discovering new things. We've had random(?) individuals contribute substantial advancements to image and vide generation. There have been communities/projects like RedPajama, who trained a model from grounds up (and assembled the dayaset)... Seems very low precision quantization is just a tough nut to crack.
Seems to me Bitnet needs a pile of money in compute, plus a team of bright researchers to improve upon. NanoQuant doesn't perform as good as any 4bit or 8bit model with a similar resource footprint, so it'd need way more research as well. And RILQ is a bit specific, it'd need further research as well. It's not entirely clear whether that happens. There's something like publishing bias. Sometimes researchers don't publish negative results. So maybe they tried to apply it to lower resolutions, failed, and didn't write a paper about how they failed. So I'm not sure where to go with this. There isn't anything we could run or just apply as is.
And the AI Horde does inference with fixed scripts. On something like gaming GPU's and Apple silicon. People who bought a few old 3090s. But that's inference only. What's needed for general research is a new project. It'd need to provide you with cloud GPU, launch Docker containers for arbitrary workloads. And expensive enterprise GPUs, or infiniband clusters of some. So the entire software needs to be scrapped and replaced, and the hardware improved as well for cutting edge research. We maybe can call this new thing AI Horde as well. But it'd be an entirely new thing.
And I guess alignment, harvesting user data and preferences from the user's interactions could be done as well. At least from the technological perspective. I don't really know if the audience likes that. Depends a bit on how it's done.
That kind of ketchup is unacceptable anyway. I mean what would you use it for? It just tastes of sweetened, cooked tomatos. Just buy curry ketchup. And put mayo on the fries. Or Joopie sauce.
Sure. I mean I know we can do it for 4bit or 8bit quantizations. Question is just if it can be done for 1bit. As per Microsoft's first Bitnet paper, the answer was a clear: No. Seems I've missed the NanoQuant paper from a few days ago. They did post-training quantization. But the numbers don't look impressive to me? I mean I'm not an expert and have just skimmed it. But the benchmarks in table 3 look like some very old model from a few years ago. Every tiny modern model can reach better scores. And the perplexity in table 2 doesn't look great to me either. Sure, you could run a 1-bit version of a 70b parameter model... But that's just worse than a 1b parameter model. So you can probably just skip the entire effort with the 1-bit quantization, download the smallest variant there is, run it straight out of the box, and it'd be both more "intelligent" and at least 4x faster.
I mean ultimately, you're right. I'd like to know the benchmark results for something like a 70b model. Seems they only list those for small models. And it's a shame they didn't release any weights.
But I don't see why we need a collaborative Horde effort to find out... They write a 70b model can be compressed on an H100 in 13 hours. And for example runpod.io charges $2.39 per hour for such an instance. So all we need is a bit more than $30 to find out?!
I was under the assumption, the main issue with these models is the costly training? As they can't be quantized, but need to be trained natively at that precision, and the process is very expensive...
I mean I didn't read the newer papers. Did they solve the issues with post-training quantization and that's usable now? Otherwise we might be looking at either, very expensive training, or very high perplexity and the model isn't usable for anything.
Depends a bit on the country. In the United States, for sure. That's just open corruption and you scratch my back and I'll scratch yours. The government funnels $500bn taxpayer money into some Project Stargate, and God knows how much into really dark stuff with Palantir. Musk even "worked" for the government for a while... And next to the corruption money, these people are buddies. And they're all working towards the same goal. Some idea of an apocalypse.
In China, I don't think they need to bribe the government. It was the CCP who came up with the idea in the first place. And the AI race between China and the USA is yet another thing.
For Europe, I'm not so sure. There's a bit more nuance here? I mean Ursula von der Leyen is an AI shill as well. She frequently likes to talk about it. I don't think there's as much open bribery, though. And I still hope they're aware of the situation with US companies, how we diverge in our goals, and partnering with Palantir or X is likely going to end us up in a lot of pain... And the EU loves to regulate. And our own AI companies aren't as big. So there's that as well.
Yes. I don't think it's settled yet. There's still many trials going on. The industry still tries to push the limits, including really weird stuff like Elon Musk probing if it's okay to allow deep-fakes of random existing women and minors. I think lawmakers are having a difficult time to keep up with the pace. AI companies drown them with their near unlimited resources. We need to come up with new regulation. Fight all the court battles, overhaul copyright and discuss things in society... And then there's preexisting influential structures, like Disney, the copyright industry... Sometimes they're on opposing sides, sometimes they dabble in AI as well... I mean it's complicated. And a long process. And it's difficult to defend things. I mean I also defend my server. But it's more an open war than anything with rules and terms.
Good blog post.
I think it's central to the issue they're talking about. There's demand for fast, cheap stuff. There's also demand for quality stuff. But they're not the same.
I mean, I'm sometimes sad nothing lasts anymore. Or means anything. We buy clothes, appliances, software, phones... just to throw it out a year later. Same with AI. We could do intricate art. Commission someone to draw our company logo or come up with a good advertisement video. But why? Everyone has a attention span of 30s these days and pretty much anything will do for Instagram. So rubbish it is. And we're done in 5 minutes.
Country music can also be done with AI. And it's as good as the old stuff. I think it's more that society doesn't value quality and sophisticated things any more. We rather have plenty cheap and superficial things. And for a lot of applications, it'll do. Same with some software and webdesign.
And it's the right course of action. I mean why pay someone $1,000 to do the color grading of a video clip, or use real music when nobody will pay attention? They're doomscrolling anyway and have the TV computer and phone on all at the same time. Why waste resources on lasting software solutions unless that's needed?