- Can’t you just run ollama and provide it a localhost endpoint? I dont think its within scope to reproduce the whole local LLM stack when anyone wanting to do this today can easily use existing better tools to solve that part of it.
- You could also use models that run on nvidia’s trusted execution environment.
- Should be easy to determine when a 409a evaluation was done.
- I was a paying pro user for a <1000 person server years ago.
They forced me off of it due to offerings they were no longer servicing. Told me I had to self host and export all my data. I attempted this and it never worked. I abandoned that server and my profile I used across many matrix instances (and somehow my matrix room continued to run without me hosting it, and without an admin running it).
I will never use nor recommend them ever again. They clearly do not know how to operate a business nor an open source project.
- Yes, you're correct on both, though I think Google Cloud recently started supporting it as well. AWS will likely have GPU enclave support with Trainium 2 soon (AFAIK, that feature is not publicly offered yet but could be wrong).
We work with Edgeless Systems who manages the GPU enclave on Azure that we speak to from our AWS Nitro instance. While not ideal, the power of enclaves and the attestation verification process, we at least know that we're not leaking privacy by going with a third party GPU enclave provider.
- > Although PCC is currently unique to Apple, we can hope that other privacy-focused services will soon crib the idea.
IMHO, Apple's PCC is a step in the right direction in terms of general AI privacy nightmares where they are at today. It's not a perfect system, since it's not fully transparent and auditable, and I do not like their new opt-out photo scanning feature running on PCC, but there really is a lot to be inspired by it.
My startup is going down this path ourselves, building on top of AWS Nitro and Nvidia Confidential Compute to provide end to end encryption from the AI user to the model running on the enclave side of an H100. It's not very widely known that you can do this with H100s but I really want to see this more in the next few years.
- TIL, one near me too. Are they pretty open to late night working/studying or more of a social hangout at nights?
- Yeah exactly this. Especially if you need to programmatically process that data too. You can even let the customers provide their own managed key too (such as AWS externally managed KMS) in combination with something like AWS nitro enclaves.
I’ve enjoyed building on nitro myself and most things should run in it just fine, just need to build the networking vsock proxy into the nitro image for anything that needs networking (such as DB, where you store the encrypted at rest data).
- The same gov that’s in bed with OpenAI???
- Agreed. While some people are nit picking the comment here as “well don’t do any of those things,” it still doesn’t quantify the danger.
Recently read from “Made to Stick”: “Don’t just say popcorn has 40g of trans fats. Everyone knows trans fats are bad, but how bad is bad? Say popcorn has more trans fats in one serving than a whole day of greasy junk food”
- Unfortunately not. Every single payment has to be persisted to a disk locally. Even worse, a single payment needs to be persisted like 3-4 times during the payment exchange. Otherwise there’s counterparty risk of publishing an outdated state to the blockchain.
- Doing a v2 isn’t the same as “killing AirTags.” V2 could even have the same exact size and it would still be useful, just swap out. Worst case, buy a v1 to v2 adapter if it’s smaller, or hell, just buy another $20 10 year battery pack. If you’re protecting $10k equipment, who cares about spending $20. Piece of mind and durability matters a lot.
- This is a cool exploration. The post mentioned the health aspects, yet mostly goes over basic app integrations.
I’m curious about how well the health features translate over to the android phone. Is it mostly just to track health metrics locally on the Apple Watch, or is there any sort of “export/sync to android phone” for health?
I’ve been really curious about other open source (or at least reversed engineered) devices like the Colmi, and while I’m still an Apple consumer, prefer to track and keep things locally and private to myself with my own apps and scripts.
- Just about the only open part about OpenAI is how their dirty laundry is constantly out in the open.
- There’s absolutely nothing privacy preserving about their system and adding additional ways to extract and process user data doesn’t call for any additional privacy, it weakens it further.
Until they start using nvidia confidential compute and doing end to end encryption from the client to the GPU like we are, it’s just a larp. Sorry, a few words in a privacy policy don’t cut it.
- Unfortunately "serverHold" goes above registrars. I learned this the hard way. There's a variety of watchdogs that false flag things all the time, and a handful of tld's that will blindly obey these orders. I'm guessing io is one of these. You'll have to escalate it with them, though I was never successful. Good luck.
- The real problem is people scared of tHE aLGOrItHm
- Always felt like they were in the business of blaming and hating their customers. Cloud providers that nitpick and judge every aspect of their customers’ business details and technicalities are a huge operational risk. This archaic practice is the reason generic cloud orchestration was a must, and it’s just not needed anymore.
I don’t care how cheap they are. You get what you pay for.
- Had issues all stream but was perfect during the final fight.
- If it were keys to a safe that existed outside of the warrant requirements (in another country in fact), then it would likely not be illegal. The regulators would unlikely be able to legally access that safe anyways without extra due process, so it’s mostly about protecting against unwarranted access.
- I was looking forward to the story actually
- At least it loads for you. On lockdown mode it’s just a white screen.
- So far I’m only reading comments here about people wow’d by a lot of things it seemed that M3 pretty much also had. Not seeing anything new besides “little bit better specs”
- Alternative title: State officials endanger Californians by silently ignoring waste violations for years so they can collect a bigger extortion fee of $7.5 million at a later time
- Very poor quality and short comparison. Not worth a read.
- Sorry just saw this. Looks promising, I love diesel! Haven’t looked at the landscape in a few months and don’t work on the project that needed it anymore but very cool to see. Even uses OPFS!
- Fun stuff, glad to see open source stuff like this still being used. Did downlink eavesdropping in the network security lab at college about 10 years ago. One of my projects was measuring how much cell activity dropped during spring break, another was to do timing attacks on known phone numbers at known locations to see if I can pull temporary IDs (not temporary enough IMO) and do repeat calls to see if they’re still in the area.
Makes me want to play with this again.
I have built blind signature authentication stuff before (similar to privacy pass) and one thing I’m curious about is how you (will) handle multi device access?
I understand you probably launched with only unlimited search users in order to mitigate the same user losing access to their tokens on a different device. But any ideas for long term plans here? When I built these systems in the past, I always had to couple it with E2EE sync. Not only can that be a pain for end users, but you can also start to correlate storage updates with blind search requests.
Either case, this is amazing and I’m gonna be even more excited to not just trust Kagi, but verify that I don’t need to trust y’all. Congrats.