| The thing is that what they say on the homepage has to be trusted and cannot be verified. At best they put contractual commitments but no one will know what happens behind the scenes. With attestation of secure enclaves (https://blog.mithrilsecurity.io/confidential-computing-expla..., sorry it's a bit old and not tech enough we will update it), you can have technical proof that people will respect what they say contractually. I don't think OpenAI is using any real Privacy Enhancing Technologies, and even if they did you have no actual proof they are doing anything (unless they use secure enclaves). I agree, ideally you would like a purely mathematical solution like homomorphic encryption but truth is we might not see that before years or more (public key cryptography is not known to be fast). Not everyone has access to high-end consumer hardware, and just maintaining the software/hardware stack on premise is complicated, so imagine having to manage thousands of device. It is not impossible unless you are Apple/Google, and even if you are it's not perfect.
By sending model on the device it is quite easy to reverse engineer it, so not only your IP gets stolen easily but people can start making adversarial attacks. Yes enclaves are a generic solution. In the end it's a bunch of level hardware primitives. But to have something that is truly fast, secure and easy to use, you need to focus on a use case to serve your users. We have chosen to focus on AI because we love AI and think it's a first niche market that is relevant, especially today. I am not sure about going more on device / on premise. You can benefit from huge scaling effects by relying on managed services that are easier to maintain, patch, and deploy. |