this post was submitted on 06 Jul 2024
1 points (100.0% liked)

TechTakes

1390 readers
24 users here now

Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.

This is not debate club. Unless it’s amusing debate.

For actually-good tech, you want our NotAwfulTech community

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 0 points 4 months ago (2 children)

I'm not really arguing the merit, just answering how I'm reading the article.

The systems are airgapped and never exfiltrate information so that shouldn't really be a concern.

Humans are also a potential liability to a classified operation. If you can get the same results with 2 human analysts overseeing/supplementing the work of AI as you would with 2 human analysts overseeing/supplementing 5 junior people. You absolutely should never be blindly trusting an LLM for anything. They're not intelligent. But they can be used as a tool by capable people to increase their effectiveness.

[–] [email protected] 0 points 4 months ago (3 children)

it's not airgapped, it's still cloud, it can't be. it's some kind of "secure" cloud that passed some kind of audit. openai already had a breach or a few, so i'm not entirely sure it will pan out

[–] [email protected] 0 points 4 months ago (2 children)

Iirc OpenAI uses Microsoft's cloud?

If so, MSFT has a special airgapped cloud specifically for USGov.

[–] [email protected] 0 points 4 months ago

tbh I personally wouldn’t expect/suspect this to be using any of the flavours of govcloud for mass-market flavours (because that has implications on staff hiring etc)

the easy way to handle this is to have a backend/frontend separation with baseline access controlled simply by construction of routing and zone primitives. it’s relatively simple (albeit moderately involved) to do this on most cloud providers

[–] [email protected] 0 points 4 months ago (1 children)

they probably do. I worked for a content-as-a-service company that had a contract to deliver our product, airgapped, to a three-letter agency on a regular schedule, and we were a tiny company. Microsoft's biggest customer is probably the U.S. government; I'd be shocked if they don't provide an in-house airgapped set of full Azure services for the entire intelligence agency system.

[–] [email protected] 0 points 4 months ago

They do. Source: I worked in at MSFT in Azure Identity. It's completely separate, has its own rollout schedule for all products, etc.

There's also a physically separate cloud for China 🙃

[–] [email protected] 0 points 4 months ago

I see you've never taken part in a FedRAMP audit. They're brutal.

[–] [email protected] 0 points 4 months ago

My interpretation of what they're saying is that it's on their own servers in their own location that can only be accessed from specific access points.

Talking about networks as airgapped isn't abnormal.

[–] [email protected] 0 points 4 months ago

the other thing about text like this is that many of the claims of what they're doing will be completely false because someone will have misunderstood then will try to reconstruct a sensible version