I realize these models are locked up pretty tight and terabytes in size, but in a future like that, I don’t see them not being leaked via an insider. The weights have to be loaded into VRAM at some point.
Every hyperscaler hosting these models outside of FEDRAMP environments has been compromised by every regional power’s intelligence services. Fable was running all over the world until today.
AWS and friends are very good at providing excellent enterprise grade security, but it’s literal child’s play for nation state threat actors to exfil these models.
TEMPEST / EMSEC alone is a wide open door for unclassified datacenters when the Mossad’s out to get you.
I'm skeptical that you're going to be able to reliably exfiltrate ~10TB of model weights using TEMPEST. Which is not to say weights are secure, just that this isn't the threat model I would be concerned about.
That would depend on what gets leaked, as I'm not so sure that the weights by themselves would be enough to replicate the architecture. I imagine some part of the secret sauce will remain in the architecture, and the tensor dimensions may not be enough to decode it.
I'm sure if proprietary models continue to be a big thing, the methodology of their storage and loading on hardware will be obfuscated quite a bit.
But you can see this is not true (yet); competitors/Chinese labs are less than 6 months behind: either via leaks or by just stumbling on the same improvements with time/effort.
What chinese labs are on par with GPT-5.3 and Sonnet 4.6 that I can go and use today? (granted they're 4 months ago, not 6 but nothing was released in Dec/Jan so I rounded up).
I don't think it's a good idea to give the crowds that kind of weapon. The first thing they'd do is "liberate" the model aka remove guardrails and safetly-protocols and brag on X / reddit with it and throw it into the public. That's only cool for a geek that doesn't think about the ethical impact of such a move. You'd basically become responsible for anything that is done with it, forever - have a good sleep. /s
As opposed to what, the US military, or better yet Israel (because we all know they won't be excluded) using that model to drive weaponry that kills people?
Your hypothetical implies that there is a better alternative, but when those models are "restricted", in practice that means that the only people who have access to them are precisely those who can and will use them for the worst kind of shit. So yes, releasing them to the public is a better deal, ethically speaking, at least then the playing field will be slightly more equal.
There are plenty of weapons (see custom made virus) which no state actor (or even an informal militia) would want to release, as these weapons attack everyone. But, open access to details of its construction leaves everyone vulnerable to motivations of small groups of crazy individuals.
What if I told you there are no safety guardrails. I used GLM 5.1 and had fable literally build a harness to avoid triggering guard rails.
I built skills carefully and had Fable doing vuln research and exploit repro in a few hours. I called the project manhattan. The GLM models are down for almost anything so I named it Oppenheimer. It orchestrated the fable CLI agents via tmux. This whole Fable/Mythos thing is such a fucking joke. It is all PR and theatre and they know it.
I’ve been doing pentesting with LLMs for a while and only hit a few “nope I won’t do that” and one “this conversation is flagged for being against the TOS”. No idea what the guardrails are but they are trivially abused
If the frontier models will take as much money to train as they do now, there is no way the wealthy are able to afford their training just for their own consumption. Financing of this whole thing rests on the models being available to companies and consumers who are willing to pay astronomical (compared to other software) sums for it.
I can very easily see a licensing requirement coming soon. Running a higher-grade AI will require a govt-issued license, which involves a six-month application process, explanations of why you need to run it, where it's going to be stored and who will have access to it, pretty much the same as non-USA countries deal with firearms.
Reasoning? More customers = more revenue, there's negative financial incentive behind restricting TAM. In the same way the iPhone isn't restricted to only the wealthy, that would significantly reduce total goods sold and thereby revenue. In addition that creates lower economies of scale, lower network effects etc.
Reasoning: the poster blames all evil in the world on "capitalism", "corporations", and "the rich". The aforementioned are conspiring to gatekeep us all from the obvious good of poor, communist anarchy.
Pay $1,000,000 per business function you want to build.
Businesses will gladly pay it.
Individuals will be locked out and unable to compete.
Oracle will be able to "prompt a new smartphone" for $500M or whatever and enter the market to compete with Apple and Google. You and I can't afford that and won't be able to compete.
Hyperscalers will hyper scale even faster.
They'll port Linux to Rust, remove the GPL, and have all kinds of new entirely proprietary OSes. They'll be attested, signed, and gradually we'll lose open hardware. Thin clients with binary blobs, highly encrypted, no control, only leased to us.
Within a generation nobody will be able to program or own devices that can program.
Very few businesses can pay 1M without blinking. None of my customers. But yeah, I got the gist of it. Incumbents like moats and happily pay money to build them. Note that the pricing of Anthropic's models usually increases for new models. Chinese models cost 10 or 100 times less. Are they less capable? Maybe, but they are alternatives unless credit card companies start banning payments to them.
People have to eat food so they will keep doing business no matter what. If AI cost too much, they will do it without AI. Any resource that costs too much is replaced with cheaper alternatives. AI is no exception. At worst most of the IT business will die and we will make money doing something else.
That's the fundamental difference with open models, anybody can run and tune them any way they like. The real difference in philosophy is that Americans companies treat the model as the product, while Chinese companies see models at infrastructure you build products on top of. You amortize the cost of deploying it at scale by sharing knowledge and iterating quickly to bring the cost down.
I realize these models are locked up pretty tight and terabytes in size, but in a future like that, I don’t see them not being leaked via an insider. The weights have to be loaded into VRAM at some point.
It’s a pretty safe bet that every frontier lab has multiple foreign intelligence agencies running assets inside of it.
Every hyperscaler hosting these models outside of FEDRAMP environments has been compromised by every regional power’s intelligence services. Fable was running all over the world until today.
AWS and friends are very good at providing excellent enterprise grade security, but it’s literal child’s play for nation state threat actors to exfil these models.
TEMPEST / EMSEC alone is a wide open door for unclassified datacenters when the Mossad’s out to get you.
I'm skeptical that you're going to be able to reliably exfiltrate ~10TB of model weights using TEMPEST. Which is not to say weights are secure, just that this isn't the threat model I would be concerned about.
That would depend on what gets leaked, as I'm not so sure that the weights by themselves would be enough to replicate the architecture. I imagine some part of the secret sauce will remain in the architecture, and the tensor dimensions may not be enough to decode it.
I'm sure if proprietary models continue to be a big thing, the methodology of their storage and loading on hardware will be obfuscated quite a bit.
But you can see this is not true (yet); competitors/Chinese labs are less than 6 months behind: either via leaks or by just stumbling on the same improvements with time/effort.
What chinese labs are on par with GPT-5.3 and Sonnet 4.6 that I can go and use today? (granted they're 4 months ago, not 6 but nothing was released in Dec/Jan so I rounded up).
Hope it happens someday. That'd probably be the best possible outcome for all of humanity.
The gamers would really be complaining about why they can’t run Fable.torrent on their gaming PCs
I don't think it's a good idea to give the crowds that kind of weapon. The first thing they'd do is "liberate" the model aka remove guardrails and safetly-protocols and brag on X / reddit with it and throw it into the public. That's only cool for a geek that doesn't think about the ethical impact of such a move. You'd basically become responsible for anything that is done with it, forever - have a good sleep. /s
As opposed to what, the US military, or better yet Israel (because we all know they won't be excluded) using that model to drive weaponry that kills people?
Your hypothetical implies that there is a better alternative, but when those models are "restricted", in practice that means that the only people who have access to them are precisely those who can and will use them for the worst kind of shit. So yes, releasing them to the public is a better deal, ethically speaking, at least then the playing field will be slightly more equal.
There are plenty of weapons (see custom made virus) which no state actor (or even an informal militia) would want to release, as these weapons attack everyone. But, open access to details of its construction leaves everyone vulnerable to motivations of small groups of crazy individuals.
What if I told you there are no safety guardrails. I used GLM 5.1 and had fable literally build a harness to avoid triggering guard rails. I built skills carefully and had Fable doing vuln research and exploit repro in a few hours. I called the project manhattan. The GLM models are down for almost anything so I named it Oppenheimer. It orchestrated the fable CLI agents via tmux. This whole Fable/Mythos thing is such a fucking joke. It is all PR and theatre and they know it.
I’ve been doing pentesting with LLMs for a while and only hit a few “nope I won’t do that” and one “this conversation is flagged for being against the TOS”. No idea what the guardrails are but they are trivially abused
If the frontier models will take as much money to train as they do now, there is no way the wealthy are able to afford their training just for their own consumption. Financing of this whole thing rests on the models being available to companies and consumers who are willing to pay astronomical (compared to other software) sums for it.
It's always been this way ever since the first industrial revolution.
I can very easily see a licensing requirement coming soon. Running a higher-grade AI will require a govt-issued license, which involves a six-month application process, explanations of why you need to run it, where it's going to be stored and who will have access to it, pretty much the same as non-USA countries deal with firearms.
Reasoning? More customers = more revenue, there's negative financial incentive behind restricting TAM. In the same way the iPhone isn't restricted to only the wealthy, that would significantly reduce total goods sold and thereby revenue. In addition that creates lower economies of scale, lower network effects etc.
Reasoning: the poster blames all evil in the world on "capitalism", "corporations", and "the rich". The aforementioned are conspiring to gatekeep us all from the obvious good of poor, communist anarchy.
Pay $1,000,000 per business function you want to build.
Businesses will gladly pay it.
Individuals will be locked out and unable to compete.
Oracle will be able to "prompt a new smartphone" for $500M or whatever and enter the market to compete with Apple and Google. You and I can't afford that and won't be able to compete.
Hyperscalers will hyper scale even faster.
They'll port Linux to Rust, remove the GPL, and have all kinds of new entirely proprietary OSes. They'll be attested, signed, and gradually we'll lose open hardware. Thin clients with binary blobs, highly encrypted, no control, only leased to us.
Within a generation nobody will be able to program or own devices that can program.
That's the scary scenario.
Very few businesses can pay 1M without blinking. None of my customers. But yeah, I got the gist of it. Incumbents like moats and happily pay money to build them. Note that the pricing of Anthropic's models usually increases for new models. Chinese models cost 10 or 100 times less. Are they less capable? Maybe, but they are alternatives unless credit card companies start banning payments to them.
> Very few businesses can pay 1M without blinking. None of my customers.
Then they won't survive the termination boundary.
Too bad. Should have had more cash.
People have to eat food so they will keep doing business no matter what. If AI cost too much, they will do it without AI. Any resource that costs too much is replaced with cheaper alternatives. AI is no exception. At worst most of the IT business will die and we will make money doing something else.
Then I guess I stop using computers that much outside of my job. It was fun while it lasted, but there’s other stuff.
You don’t _have_ to buy into the technocracy, there’s a whole outside going on.
That's genuinely terrifying.
I'm praying that China survives this BS and remains the bastion of AI model openness and freedom of choice. Can't believe I just wrote that.
China’s biggest models are closed
The biggest open models are also Chinese
[dead]
Not if Chinese companies have anything to say about it.
Chinese AI self censor or are banned from being released by their emperor.
how is that different from US AI that self censors and is banned from release by their emperors?
US have guardrails, China have censorship.
US have fair tax breaks to support the national champions, China have unfair State-backed monopolies.
US have necessary intelligence gathering, China have state-surveillance.
https://pbs.twimg.com/media/B_AiI9_XIAA67_t?format=jpg&name=...
Well, it's different in that at least the Chinese companies release weights unlike the American ones!
Deepseek's base models aren't censored.
I don’t need an AI to tell me about Tiananmen Square. I need it to do boring grunt work.
That's the fundamental difference with open models, anybody can run and tune them any way they like. The real difference in philosophy is that Americans companies treat the model as the product, while Chinese companies see models at infrastructure you build products on top of. You amortize the cost of deploying it at scale by sharing knowledge and iterating quickly to bring the cost down.