Why do they describe Proton as an ISP though?
About the organisation:
Proton, a privacy-aware ISP based in Switzerland.
Looks to me as if they’re a bit pissed about something the way their whole blog is written.
However they do use open-source/open-weights model. That’s good for privacy.
Open weights is not open source, it’s yet another marketing lie invented by AI bros, it goes directly against core values required of open source software.
How is it good for privacy? It’s a black box, open weights just means you get to copy it like freeware in the old days.
And to everyone saying they “wouldn’t call it a lie” above
lie
noun
an assertion of something known or believed by the speaker or writer to be untrue with intent to deceive
Calling something open source when it’s not even close (what they released so far are just GUIs) is a lie and false advertising.
Would you also not call it a lie if they told you it was free and you got charged at the end of the month? Oh sorry, they meant an intention to make it free in the future.
3 Likes
“Open source” is about code.
”Open weights” is about AI.
Both are accurate terms, not a lie. Similar to “open hardware”, “open data”, “open standard”…
And “Open source AI” is a new concept invented by Open Source AI – Open Source Initiative
Let’s call it an accurate term as well, because it became official definition as agreed by people participating in that definition process.
If we talk about the good old free software purity like f-droid.org describes next to every app, then its true.
My point was that it depends on interpretation. They are ambiguous, but this is an online service that use open-weights models with open-source clients. It doesn’t make sense to compare it with other downloadable models.
The OSI definition is controversial, and saying their definition is official because their in-group agreed on it isn’t saying much.
The OSI definition doesn’t really touch on having the sources open, and even provides a huge loophole for people to never release data, while still getting the label “Open Source”.
1 Like
How does updating the browser add-on code really differ from cached scripts on visiting the website? Honestly don’t see much difference.
Thanks for the links. Good to know about the debate.
I knew were was definitely a debate, now I know about what.
1 Like
The thread is a bit too long for me to read, so I will ask here. Has @Proton_Team responded to this at all yet, outside of the initial response they gave?
2 Likes
It’s true, but even with this loophole open models such as Llama and Mistral don’t even make it as open-source. This is because of still requires weights at different stage of training, all code used to make the LLM (think code to filter data, evaluate model, and much more), and a very detailed explanation of the training data.
The later point, while they don’t have to release the training data, in my understanding they have to be very specific on what it is. They can’t just say “publicly available data”.
Right now the only way to use AI in a privacy-respecting way is to run it locally. Ollama makes this easy, but realistically speaking you need a high end GPU to get decent performance. The medium-size models work fine on my RTX 3090, but that’s a pretty big investment unless you also use it for gaming.
1 Like
Not quite true. Depending on what and how you mean “privacy respecting”, as long as you do not share PII with any LLM, NanoGPT is by bar the best tool out there for the best quality of gen AI output + completely private, secure, and anonymous payment and usage of it.
FYI, if you didn’t know.
I didn’t know. Since they accept crypto this seems a good private alternative to buying one or more GPUs, especially for occasional users.
1 Like
They don’t self-host their model, so there is not much privacy. Worse, they seem not to have any legally-binding agreements with the provider that they will not store or train on data (DuckDuckGo has such agreemenets)
We may provide your Personal Information to third parties in the following limited circumstances:
Service Providers: When you submit a prompt, it is passed directly to the relevant service provider (such as OpenAI, Anthropic, or another LLM provider). While we do not store any prompts or conversations, these service providers may store and process this information according to their own privacy policies. If you provide personal information within the prompts that you send, these service providers will have access to this personal information. Wherever possible we request maximum privacy and deletion, but we can not guarantee that providers do not store these prompts. For credit card processing, we use Stripe, which collects and processes payment information according to their own privacy policy.
Important Note on Provider Data Policies: While we only send prompts to the providers that we use, without sending along your IP or any other identifying personal information other than that which you yourself put into the prompt, keep in mind that our providers may still collect or store these prompts under their own data retention practices. We opt for minimum data retention in every way possible with every provider that we use, but we cannot guarantee that these providers will not retain some or all of the information you send.
OpenAI Data Retention Update: Following a recent court order, OpenAI has updated their privacy policy to state that they store all conversations and prompts indefinitely. This means that any prompts you send to OpenAI models (such as GPT-4, GPT-4o, GPT-3.5, etc.) through our service will be permanently retained by OpenAI. Please be aware of this when using OpenAI models and avoid including sensitive or personal information in your prompts.
Now this might be abundance of caution, but not trustworthy.
You are way better off using Proton Lumo or models that Brave self-hosts.
2 Likes
Like I said, depends on how you mean and look at privacy respecting. Let’s not gate-keep what privacy is or isn’t. It’s different for each person given their priorities. Also like I said, if you don’t share any PII, this really is the best available for superior output that you can even. use anonymously.
I just take issue with it being “completely private”.
1 Like
I meant that from a usage POV while also making clear only if no PII is shared.
You can control browser extension updates.
Apparently, the code has been released.
https://proton.me/community/open-source
So how does Lumo compare to duck.ai vs Anthropic? Is duck.ai still recommended over lumo?
I think the concern is that they don’t release the models they use, or disclose the models they use.
It is definitely better than duck.ai because Proton owns the infrastructure. Even for open-source models, Duck use a third-party (together.ai, seems trustworthy but one more party involved means more risk.
3 Likes
Thanks for that, I will start using lumo then!