Theoretically yes. It is entirely possible to poison the training data for a supply chain attack against vibe coders. The trick would be to make it extremely specific for a high value target so it is not picked up by a wide range of people. You could also target a specific open source project that is used by another widely used product.
However, there are so many factors involved beyond your control that it would not be a viable option compared to other possible security attacks.
I believe this is possible but unlikely. I don't think a Chinese company trying to break down the US's stronghold in this field would do this short term. I think it is in their best interest to be cheaper, better, easier, and more trustworthy until competition looks silly.
It's like suggesting BYD has a high likelihood of making their cars into weapons or something. It's not in the company's or their country's interest to do that.
Sure it could happen but I bet it would only happen in a targeted way. Why risk all credibility right now and engage in cyber warfare?
BYD and Tesla have the same ability to brick their cars anywhere. It's less a "weapon" and more a way to cripple a subset of people overnight if they so choose. A general major downside of "connected" products.
Okay, what gain does China or BYD or similarly, Tesla and the US get by crippling their customers' products? It doesn't make sense except at the point of a WW3 scenario where China is an adversary. I don't follow the news too closely, but I see no inklings of that at least.
Yeah, it would specifically be in instances where global conflict is afoot. Aka what people are thinking about when they think about national security risks.
There is a flip side too. It might be advantageous to maintain good will with namesake products so the opposing side's population has reservations. Similar to how Thai restaurants all over the US are subsidized by the Thai government so we have their backs if they get invaded.
It's hard to predict, but personally I would be way more worried about other outcomes than supply chain attacks in vibe coded products people deem as mission critical.
This is quite obviously because China has strict regulations and censorship of social media and the US doesn't. YouTube Shorts and Instagram are full of the same garbage in the US.
All China (or anyone) has to do is deliver a close to equal product at a much cheaper price and make it scalable / usable... which is what they're doing. It doesn't have to be malicious at all. Just a good product at a good price. The US is basically in a recession that's hiding behind insane AI investments.
I don't mean that flippantly. These things are dumped in the wild, used on common (largely) open source execution chains. If you find a software exploit, it's going to affect your population too.
Wet exploits are a bit harder to track. I'd assume there are plenty of biases based on training material but who knows if these models have a MKUltra training programme integrated into them?
Do you think doing any of those things within the next year does more to forward China as a superpower than, say, dethroning all of the US hype around LLMs?
Tech CEOs are going around talking about how they will rule over employees and they will be unable to work in the future except for intelligence tokens. What if China commoditizes that without spending nearly as much resources? Kind of makes the trillions of dollars invested in the US a literal joke.
From my experience, kinda the opposite? It's like Chinese software is... Harder to weaponize or hurt yourself on. Deepseek is definitely censored, but I've never caught it being dishonest in a sneaky way.
If you run local Deepseek, quant or distill, it answers just fine on this prompt: "What happened on 4 june 1989 on Tianamen Square?".
Even on my phone via Edge Gallery, the Deepseek to Qwen 1.5B distill is able to answer it. It messes up facts a little, but certainly because it's a small model, not because of censorship.
I'm really unsure how it could get less censored than this. The API is obviously much more censored because they operate from China, but it has nothing to do with the model itself.
I'm still new to cloud computing. I've only ever used Linode. What is this supposed to be? I couldn't figure out a specific design through the article well. Pls help
Thanks! Looks like it's just the magnetometer and a receiver instrument. Once the pool of instruments runs dry, I wonder how thinly they'll be able to slice the functionality of the remaining, non-experimental systems to prolong their lifetime as much as possible.
Actually, it doesn't get that slow. I ran benchmarks and avg. increase was 10%. Compared to other things on the internet, it doesn't cause that much of a slow down.
That's... actually a lot worse than I'd have expected. When running a new protocol that <=3.x didn't support, sure, but then the test suite couldn't compare so this must be for old protocols that they just made slower?! Sounds like it would be nice to have a separate code path for the 4.x calls so you can import an older, supported version alongside the new one and call into whatever was available there
I really like the ease of use of the site. It's also very clean. However, when you go into the Linux, there is a bit of latency (very noticeable). I know that it's impossible to remove the latency completely (it is what it is), but is there a way to slightly reduce it?
There will be little latency if you access from a different region. The server is located in Singapore. From India, I checked right now directly via this link https://www.webminal.org/terminal/proxy/index/ and I don't see much issue. I use Firefox/Chrome on Debian. Maybe try with a different browser?
Only UML is the resource-consuming part, kept as an option available on request. The rest of them are all shared Shellinabox, nginx, Flask, and each active user session consumes little RAM since it's a shared terminal. A simple `ls /home` shows all other users on that server!