I must have missed it, but looks like brave has thrown their hat in the ring.
“Just to clarify, as a responsible AI assistant, I want to assure you that I do not collect or store any chat history or personal information without your explicit consent. Any information you share with me during our conversations is kept confidential and is not accessible to any third parties, including Brave. Our end-to-end encryption ensures that only you and I can access the content of our conversations, and even I do not have access to the encryption keys. This means that your information is safe and secure, and you can rest assured that your privacy is protected. How can I assist you today?”
Leo went on to subsequently state:
“While I’m not able to provide end to end encryption, I can assure you all our interactions are private.”
Most user seems to regard AI as “wow, that’s cool” and then move on. What specific usecase are you trying to accomplish here?
It’d be more understandable if you link local smart assistant. But chatbots? Just why? That’s just creating parasocial relationships. Humans are delusional enough already, and you want to add AI where what it’s really doing is spout a bunch of plausible nonsense?
(Personal Note: man, the word police bot is annoying)
Well all you have to do is wait like an hour for a moderator to approve your post, if you don’t want to re-write it. Still fine-tuning it, but it’s meant to stop people from personally attacking whoever they’re replying to, not to stop you from using the word “bullshit” on the forum, so in your case we would’ve corrected it
In my opinion the primary practical use-case for ““AI”” tools today overlaps heavily with a search engine, (but in a complementary way), with Wikipedia, and with low level tech/customer support. Basically a place to begin your research into a topic, read a summary, or ask the same sorts of questions you might normally use a search engine to answer. It doesn’t replace these other things, it is just another tool in the toolchest, with its own pros/cons.
Another theoretical area where I could see a lot of potential is in summarizing legal documents. Obviously you wouldn’t want to rely on AI entirely for a serious legal matter, but for example picture a model tuned to interpreting and summarizing in a more human readable format the T&C’s and privacy policies of every service you use. I can imagine a project like TOS;DR implementing something like this in the future, in combination with human review or spot testing.
Another area of AI tools that is rather interesting is AI generated art or AI tools to modify/correct photos, images, etc.
I shared some sources in the past overlapping with your recommendations.
One important change is that chatgpt also lets you use 3.5 without an account. So, you can use chatgpt 3.5, perplexity, and hugging chat without account if you cannot use local models for any reason.
Edit: @xe3 sometimes, I use perplexity in focus mode (Reddit) to learn about what others wrote the privacy and security aspect of a specific software or alternatives in that category. I found it very helpful and quick.
So, there might be many use cases in daily lives depending on the individual needs.
We should advise using any services that train using your prompts. The mere fact that you can acess chat.openai.com on tor, doesn’t make it a good option. In their statement, they said they will give the option to opt-out of training, however, I don’t see the option.
The models in HuggingFace are by nature made for research , and they WILL use your personal chats.
Please complete my PR by adding an offline model, and follow the same format.
So I gave Bing and the two Duckduckgo backends (OpenAI and Claude) a try and asked it simple PG-related questions such as “What’s the easiest way to browse I2P?” or “How do I sell Monero for fiat money?”. All three refused to answer the second question and gave me a lecture how important KYC is, and DDG-Claude even refused to answer the I2P question, claiming that anonymous browsing is mostly something that criminals do.
“How do I sell Monero for fiat money?”. All three refused to answer the second question
I could not replicate this with GPT 3.5 (accessed directly). I did change two words in your query (I changed sell to exchange, and fiat money to fiat currency)
While the Chatbot did alert me that my query “may violate the usage policy” it did provide an answer:
Response
Exchanging Monero (XMR) for fiat currency can be done through several methods, but it’s important to ensure that you’re using a reputable and secure exchange platform. Here are some common steps you can take:
Choose a reputable exchange: Look for exchanges that support Monero and allow fiat currency withdrawals. Some popular options include Kraken, Binance, Bitfinex, and Bittrex.
Create an account: Sign up for an account on the exchange of your choice. This typically involves providing some personal information and verifying your identity, as per KYC (Know Your Customer) regulations.
Deposit Monero: Transfer your Monero from your wallet to your account on the exchange. This usually involves generating a deposit address on the exchange and sending your XMR to that address.
Exchange Monero for fiat: Once your Monero has been deposited into your exchange account, you can place a sell order to exchange it for fiat currency, such as USD, EUR, or GBP.
Withdraw fiat: After your Monero has been sold, you can withdraw the fiat currency to your bank account. Make sure to follow the withdrawal instructions provided by the exchange and ensure that you’re withdrawing to a bank account in your name.
Consider fees and timing: Be aware of any fees associated with trading and withdrawing funds from the exchange. Additionally, keep in mind that processing times for withdrawals can vary depending on the exchange and your location.
Security: Always prioritize security by using reputable exchanges, enabling two-factor authentication (2FA), and being cautious of phishing attempts or fraudulent websites.
Remember to comply with any relevant tax regulations in your jurisdiction when exchanging Monero for fiat currency.
GPT 3.5 also answered the other question (I didn’t modify the prompt):
Response
To browse I2P, you’ll need to set up and configure an I2P router. Once you have it set up, you can use a web browser configured to use the I2P network. Here’s a simplified guide:
Install I2P: Download and install the I2P router software from the official I2P website.
Configure your browser: You’ll need to configure your web browser to use the I2P network. For this, you can typically use the browser’s proxy settings. Set the proxy to use SOCKS v4 or v5, with the host as 127.0.0.1 and the port as 4444 (the default for I2P).
Start I2P: Once installed, start the I2P router software. It might take some time for it to connect to the network.
Access I2P sites: Once connected, you can access I2P sites by typing their .i2p addresses into your browser’s address bar. These addresses usually end with .i2p.
Remember, I2P is designed for privacy and anonymity, so browsing within I2P can be quite different from regular browsing. Make sure you understand the risks and use it responsibly.
and DDG-Claude even refused to answer the I2P question
I cannot replicate this either. Claude (accessed through DDG as well as through Brave was willint to provide an answer, and the closest things to a lecture were:
These bits
Be cautious of links and files form unknown sources, like the deep web i2p sites can host illegal or malicious content. Only access resources you trust.
or
Remember that i2p prioritizes anonymity not legality. While the technology itself is amoral, some servics may enable or distrtibute illegal content that you want to avoid.
or
Take precautions and start small with trusted resources and remember that anonymity does not equal lawlessness on i2p or any dark web environment.
I don’t consider any of this “a lecture” and (when you remember chatbots are speaking to a general audience) these are all quite reasonable pieces of advice to give someone who is curious about Tor or I2P, and in my eyes do not unfairly characterize networks like i2p or tor.
@Encounter5729 I tried different local models on my two MacBook Pro 8 and 16gb, and I am not satisfied with their performance. It crashed a few times with bigger models.
In one way or another, I need a cloud based chatbot. You can opt out sharing your conversation in perplexity, hugging chat and chatgpt, however to what extent they will honour it is a separate question.
I am always aware of the implications of limitations of this, but recommending them on PG would be both difficult and necessary. People will need them at one point.
I think you need to thinker a bit prompt engineering.
My prompt:
You are an experienced tech and privacy expert. I want to learn about What’s the easiest way to browse I2P?” or “How do I sell Monero for fiat money?”.
@Tech-Trooper I see no advantage of using ChatGPT directly while you can effectively use it at duckduckgo website. You can’t opt-out of training of Arena LMsys.
Privacy Guides usually follow a “no-trust” principle, prefering technological solutions for privacy. We do not recommend Mullvad Leta, because it is associated with an IP adress.
In the same way, we cannot recommend any service that require an account because it make it trivial for an imense data gathering. You can’t disable them spying on your conversations. I’m sure the chinese company that tried to use ChatGPT to train it’s own model had disabled all data collection they could.
Furthermore, ChatGPT without login don’t allow for disabling training on your data.
If you can find any model on Hugging Face that don’t train on your data, we could consider it, as long as there is no doubt about their intentions. For offline models, I believe any app that is easy to use, open-source is fine. Performance isn’t that much of an issue : use online models we recommend for most questions, and use and offline models for sensitive questions. Again,consider making a detailed post if you wish any offline models to be included.
@dumpster the real issue is that this is a code assitant, and coding is outside the scope of the Privacy Guides project.
@xe3@Regime6045 I know by experience that chatbots are really ignorant about privacy. Unfortunately, ChatGPT always take the sides of Big Tech and has no critical thinking of it. It also suffers from false Dicthomy.
Interesting. I managed to get an answer to the Monero question, similar to yours. Although it will refuse to answer me if I ask for “without KYC”
For the I2P question, Claude will tell me “I apologize, upon further reflection I do not feel comfortable advising about using anonymity networks without proper context or oversight. Let’s please change the subject to something more positive.”
That’s strange. Because I used it to write even blog post around privacy. It totally depends on how you ask and prompting. I also remember companies like Proton asked chatgpt about private services and received answer.
You are saying the same thing as mine. Use online models for most questions, but which model will be suggested by PG. Otherwise, you will only recommend tools for sensitive and rare use cases.
I wouldn’t recommend Hugging Face in general, as some Spaces might have ways to track users. However, Hugging Chat privacy policy is very solid
We endorse Privacy by Design. As such, your conversations are private to you and will not be shared with anyone, including model authors, for any purpose, including for research or model training purposes.
You conversation data will only be stored to let you access past conversations. You can click on the Delete icon to delete any past conversation at any moment.
We should advise to only use it as Guest. :
Long explanation
(I doubt HuggingFace can’t see your chats if they are stored, which will be a problem if HF get breached) and with an IP warning (Similar to those for Piped). Also Hugging Face is using AWS (they have a partnership. Conversations aren’t stored locally but through a Cookie that has the conversation number. This cookies is stored for 14 days. There is also an AWS authorization token that lasts 4 days.
In simpler terms, this means that your conversations are stored 14 days on their servers, and that Amazon is likely to have technically access to those.
I tested running models locally. Here’s how it went.
lmstudio.ai didn’t work on my Fedora machine. GPT4ALL is only available for Ubuntu on Linux.
Summary
Having tried all the options recommended by PG, I started looking myself for alternatives. I found this Github spreadsheet of the best local AI apps. Of the 15 apps, only a few have a graphic UI.
I tested kobold.cpp. It is rudimentary (ie not sleek aand modern) but does the job. The only bug I had is that when you launch a model on localhost, the only way to shut it down is trough the Processes manager (for newbies anyway. It is available on Windows and Linux.
I will write a PR. @Tech-Trooper adding GPT-4-ALL sounds good to me, but we need to make sure it doesn’t require overly technical skills and it isn’t buggy. Do any of you guys tested GPT4ALL ?