I’d like to know how well NanoGPT does or does not mitigate or eliminate this concern.
I’d say a matter of zero.
Really?
Considering you can use NanoGPT via the Tor Browser, what kind of association can be made that would reveal that select prompts are yours? I’m not sure it’s zero.
The key is not how you connect to the services, it’s what you post on those services.
Users could follow the practices below to resist deanonymization:
Avoid consistently posting identifying micro-details across platforms.
Be cautious about discussing employer names, specific projects, or unique life events.
Assume that long-term posting histories can be automatically aggregated and analyzed.
Consider compartmentalizing identities and minimizing cross-platform overlap.
This method is not new; it just becomes much more accessible and scalable by leveraging LLMs.
This work shows that LLMs can operate directly on unstructured text such as forum posts, biographies, comments, and interview transcripts.
That has nothing to do with the privacy of your prompts.
In addition to this type of information, is it possible that it’s able to read unique patterns in the way one writes and even behaves online?
That’s very likely.
What scares me the most is reidentification through writing style. It already is used by investigators, but LLMs and Agents will make it easier.
Also by interests and habits, etc.
For stylometry: Stylometry Protection (Using Local LLMs) - The OPSEC Bible
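To make the stylometry worry above concrete: a classic approach compares the frequencies of common "function words" (the, of, and, …), which writers use in stable, hard-to-fake ratios. This is just an illustrative sketch, not any tool's actual method; the function names and the tiny word list are my own invention:

```python
import math
import re
from collections import Counter

# A real stylometry system would use hundreds of features;
# this short function-word list is purely illustrative.
FUNCTION_WORDS = ["the", "a", "of", "and", "to", "in", "that", "is", "it", "for"]

def style_vector(text):
    """Relative frequency of each function word in the text."""
    words = re.findall(r"[a-z']+", text.lower())
    counts = Counter(words)
    total = max(len(words), 1)
    return [counts[w] / total for w in FUNCTION_WORDS]

def cosine_similarity(u, v):
    """Similarity of two style vectors; higher suggests a similar 'fingerprint'."""
    dot = sum(a * b for a, b in zip(u, v))
    nu = math.sqrt(sum(a * a for a in u))
    nv = math.sqrt(sum(b * b for b in v))
    if nu == 0 or nv == 0:
        return 0.0
    return dot / (nu * nv)
```

Comparing `style_vector` outputs across accounts is essentially what an investigator (or an LLM agent, at scale) would automate; the point is that none of the individual words are identifying, only the ratios are.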
Lots of AI services can be used via Tor afaik; that doesn’t make them private though, just not tied to your IP.
Tor isn’t anywhere close to a silver bullet. It’s best-in-class for protecting against some of the specific threats it is intended to defend against, but it isn’t designed to be (and couldn’t realistically be) an all-in-one solution to all risks.
what kind of association can be made that would reveal that select prompts are yours?
Some possibilities I can think of:
- Analyzing your writing style
- Typing cadence
- PII or indirectly identifying info that you volunteer intentionally or unintentionally in your conversations with AI. Lots of little innocuous datapoints on their own can add up to be not so innocuous when taken as a whole.
- How you choose to pay or sign up for your account
If you are using one of the TEE models offered by nano-gpt (most of their model offerings are just normal, mainstream models from mainstream providers), that will offer a higher degree of confidentiality, particularly when combined with anonymous signup, paying with Monero, and taking steps to protect your IP and prevent fingerprinting (such as using Tor Browser or a VPN).
As an aside, nano-gpt doesn’t always make it clear, but they are a middleman: they do not host the models they provide. This is true of both the open and proprietary models. They are forwarding your queries to various third parties.
I’m worried about the same thing, and now I have to consciously think through changing what I type AND how I type it to prevent AI tracking. This timeline is quickly discovering new depths of total BS.
Interesting
Does that link open for you? Doesn’t for me.
Typing cadence
Just an idea. Could there be a program that intercepts and randomises one’s typing cadence? So that even though your cadence on the keyboard stays the same, the keystrokes don’t actually appear on screen or get input with the same timing.
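The core of that idea could look something like this: buffer the keystrokes and re-emit them with fresh, randomly drawn delays so the real timing never reaches the page. This is only a toy sketch of the concept (the function name and parameters are made up, and a real tool like kloak works at the kernel input layer, not in Python):

```python
import random

def randomize_cadence(events, min_delay=0.05, max_delay=0.25, seed=None):
    """Take (key, real_timestamp) events and return (key, synthetic_timestamp)
    events whose inter-key delays are drawn uniformly at random, so the
    original typing rhythm is discarded entirely."""
    rng = random.Random(seed)
    out = []
    t = 0.0
    for key, _real_ts in events:
        t += rng.uniform(min_delay, max_delay)  # new delay, unrelated to real one
        out.append((key, t))
    return out
```

The text that reaches the site is unchanged; only the timing side-channel is scrubbed.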
Yes, it works for me. This is the official site if you are having trouble.
I would assume so. It’s even possible that this is already mitigated by some existing anti-fingerprinting strategy in Tor Browser (I haven’t heard that it is, just speculating that it’s the sort of thing they would try to mitigate if they could).
I think blocking Javascript might also be an effective mitigation. But it’s an extreme step for most people.
A clunky, low-tech solution could be to just write out your query in a text document and copy-paste it into the browser.
I think whonix has built in stuff for this.
Looks like it. It’s called Kloak.
Hmmm blocked for me even on vpn.