
If it's in your power, make sure user prompts and LLM responses are never read, never analyzed and never used for training - not anonymized, not derived, not at all.

No single person other than Sam Altman can stop them from using anonymized interactions for training and metrics. At least in the consumer tiers.

It's a little too late for that, all the models train on prompts and responses.

I think the only danger is quantum computers.

I'd like to know if and how much illegal use of customer prompts are used for training.

"But we anonymize prompts before training!"

Meanwhile the prompt: Crop this photo of my passport


Oh yeah that’s in the “These Are The Illegal Things We Did” section 7.4 in the Model Card.

It's certainly unethical to have used the naming in order to get on the hype train. This was clearly a strategic decision.

My assumption is that it goes the other direction on a permanent basis.


> "WhatsApp provides default end-to-end encryption for over 3 billion people".

Wasn't there news lately that they can still read your messages somehow?


WhatsApp could exfiltrate messages at the ends. But I assume the trick lies in the word "default". Didn't Skype also default to end-to-end encryption, unless there was a server flag that disabled it for that specific user (I might be fuzzy on the details)?


I don't trust un-auditable client applications...

If you want to assure me your e2e is secure, there must be at least two clients implemented by different people, with at least one of them open source.

WhatsApp used to have this, but lately they have cracked down on third party clients.


> WhatsApp used to have this, but lately they have cracked down on third party clients.

Blame spammers for that. The amount of scammers and spammers on WhatsApp is unreal.


Even if they have, this doesn't prevent them from turning on a feature flag, or pushing an experimental build to some users.


If there is a 2nd open-source client written by someone else, you would hope they would raise the alarm when asked to implement "feature flag 437 means send all the crypto keys to the server".


Every encryption is end to end if you're not picky about the ends, or metadata.

Do you trust Facebook (excuse me, Meta) to not snoop on your messages, and to not share them with the "intelligence" agencies?


This is not true. The IETF draft is explicit that E2EE means that the message cannot be read by any party other than the sender and the intended receiver. When companies like Meta claim they support E2EE, this is what they claim. There are no tricky semantics or legalese at play here.


To be fair, Zoom did claim E2EE, with one of the ends being their servers.


Speaking of Zoom and encryption, it's crazy that they bought Keybase (I think they basically said it was largely an acquihire) years ago, and have neither shut it down as everyone thought, nor materially changed it in any way. Unless they changed something it even gives 200GB cloud storage (KBFS) iirc.


It's not entirely accurate to say "any party other than the sender and the intended receiver," since the messaging app running on the user's device can read the messages. Something like "any third party (other than the app vendor)" would be more accurate. Without actually analyzing app behavior, it comes down to trusting that the vendor doesn't do anything nefarious.


One could imagine a design where even the app vendor is untrusted... You would send an encrypted chunk direct to the GPU, which would then decrypt and render the message text in some secure environment onto the screen.

Neither the OS nor the application would know the contents of your message beyond "it's 500x700 pixels".

Similar things are done for DRM video, and Widevine level 1 or 2 haven't seen many breaches despite running on a wide array of hardware open to physical attack.


Oh it's definitely possible. The (dis)incentives tend to be strongly against such secure systems, though.


In the messaging game, there is every incentive to be seen as the secure-est one.

If you can have an e2e chat between two iPhones locked in a big glass box with a sign that says "Anyone who can hack into this conversation gets $100M", that's a really good marketing campaign.

If you can make the app use secure enclaves or whatever to take the ~100k people who write the source code of the libraries, app and OS out of the attack surface, that $100M becomes much safer.



Technical drafts will tend to get this right; where the communication often breaks down is how it's communicated to users.


As far as I remember, Google does the final signing of the APK, which is eventually the signature verified by the OS to verify if an update is valid or not.

So Google can, if ordered or willing to help, create a new release track (e.g. experimental-do-not-deleted) and add specific e-mails to that track with the "improved" version.

Nobody would be able to see that in the real world, and you know what, if WhatsApp themselves are ordered, they can also create their own "test" track, it's just less covert but it would technically be working.

In all cases, Google and Apple have to respect US laws, and the laws of earning money too.

If you do not cooperate with intelligence / police services of your country, only bad things can happen.


Yes, the app could be compromised, or the OS, or the compiler of the app, or of the OS, or the OS of the compiler, or the CPU any of these things run on, etc. etc. None of that is relevant to the definition of E2EE.


It's relevant to how E2EE is described to users. Representing that it's not possible for anyone other than the sender or recipient to read messages is misleading and just incorrect in general.

A particularly relevant point is when it comes to government interception. E.g. it would be perfectly possible for a messaging app to have a "wiretap mode" that the vendor enables for users that are the subject of a relevant warrant.


> When companies like Meta claim they support E2EE, this is what they claim.

Well, that statement can only resolve to true.

These requests of data collection are perfectly legal. FBI DITU gives an order: give me all chats from *@banana.com and they receive banana.com.

From there, two choices from the perspective of a tech provider:

a) You accept. You get paid.

    You can always claim you had been coerced / are a victim, and that everything has been done by the law.

b) You refuse. It's a crime.

    You take the risk of losing over 250K per day (!) in fines, some other court scandals that will come to you, some shady private stuff (what if we learn about your secret jacuzzi?), harassment of the team, being publicly shamed that you supported terrorists who caused actual death of Americans, etc.

    In addition, nobody will know that you are the privacy hero and you are not even sure that the data is not exfiltrated another way.

To this day, Apple, Facebook, Google still deny participating in illegal requests. They claim these were lawful requests, that have been carefully looked at one by one.

Yes, we looked carefully and decided we won't enjoy losing 100M USD and going to jail.

The trick is that the identifier / wildcard can be very vague and wide. Or there can be multiple of them, each of them is narrow, but put one on top of the other they are super wide.


Do companies that claim E2EE support face consequences if they don't abide by IETF's definition? Not like IETF governs them.


> Do you trust Facebook (excuse me, Meta) to not snoop on your messages

No, but I trust some nosy German guy at TU Whatever to spend hours poking at the assembly, find that hidden flag and proudly present it at 40C3.

With enough eyeballs, all source is open (and AI will give us far more eyeballs than we have any idea what to do with).

Sure, you can have different builds distributed to different people, but the NSA can also just do that with Signal, Signal being open source makes it that much easier. F-Droid mitigates this somewhat, but it's not like the NSA can't get a fake TLS certificate for their domain and MITM your communications.


I agree with Scaleway (I would more compare it to Digital Ocean) but OVH is really good and comparable.


My fingers always ache when I hear praise for the company that through its incompetence nearly lost me my company's domain name... twice. Shame on me for staying with them.


DigitalOcean is fantastic in my experience, way better than The Big Three, especially Azure.


Yes I know! Scaleway is great as well. But I was referring to the product portfolio.


Pity it doesn't support other LLMs.


It does, it's just a bit annoying.

I have this set up as a shell script (or you could make it an alias):

    codex --config model="gpt-oss-120b" --config model_provider=custom

with ~/.codex/config.toml containing:

    # Default model configuration (top-level keys must precede any [table] header)
    model = "gpt-oss-120b"
    model_provider = "custom"

    [model_providers.custom]
    name = "Llama-swap Local Service"
    base_url = "http://localhost:8080/v1"
    http_headers = { "Authorization" = "Bearer sk-123456789" }
    wire_api = "chat"

https://developers.openai.com/codex/config-advanced#custom-m...


I don't get the pricing page. It seems not to have prices.


Our cloud platform is in beta so it's free right now!


+1

