Local AI question

Hello,

I’ve recently started playing about with hosting various AI systems locally with the aim of getting a working, but privacy-respecting setup. One of the things I’m trying is getting image generation working. I’ve considered the recommendations on PG, but don’t like having to downgrade the security settings on my Mac to run Kobold, and am aware of a few vulnerabilities in Ollama. Given that, I’ve been looking for alternatives and have come across Draw Things. This would be ruled out of the PG criteria straight away as it isn’t cross-platform, but looks fairly OK to someone with very limited technical knowledge.

I’m after guidance from people who know what they’re doing on two things:

  • Is Draw Things in fact as safe and completely privacy-respecting as it presents itself? I’m thinking primarily about privacy of prompts and outputs, but also wonder about other risks I might not immediately be thinking of. (I know they have cloud options - I’m talking about when those options are switched off/not utilised.)
  • Is it possible that, even if Draw Things (or whatever application one uses) is safe and privacy-respecting, one of the AI models one uses could in fact compromise one’s privacy or security? I’ve seen PG’s guidance on how to choose one’s models well, but I don’t know what the risks are here, and I don’t know whether I can assume that models downloaded through either Draw Things or from ‘verified’ companies via the Hugging Face repository (which PG recommends) will be privacy-respecting. I’m particularly led to ask this question because Stability AI have started asking for personal details to allow people to download their latest model. Is there some way a model like this could have built-in telemetry despite being locally run through a privacy-respecting application?

Thank you very much indeed for any help.

In my understanding, as long as the application itself is not malicious, and it works completely offline, I don’t think it can harm someone’s privacy in any way.

For security, it could become a risk (data being exfiltrated or modified) if you have other malicious applications installed on your device, but at that point the local LLM won’t be your primary concern.

For the models themselves, always check their work and don’t trust it blindly, then you should be fine.