Hacker News new | ask | show | jobs
by remram 776 days ago
What's preventing GPU providers from sending wrong results instead of actually running the computation? For example, send the last computed result? Is this something that the renter has to handle by adding their own checks?

In addition to the problem of the renter crashing your machine or reading your password through DMA, of course.
2 comments
latchkey 776 days ago
What incentive would a GPU provider have to spend time figuring out what result to send for some custom application?
link
remram 776 days ago
The incentive is huge, if I spend 2 milliseconds sending you your previous results instead of 2 hours running your new computation, I can (pretend to) run way more computations on the same hardware and collect hundreds of time more money.
link
latchkey 776 days ago
At the risk of being exiled off the platform and earning nothing. Don't forget, there is a bit of KYC with Stripe.
link
krapht 776 days ago
ID verification before you can host and random audits from gpudeploy.
link
greenish_shores 776 days ago
NO. That's the worst way to do almost anything on the Internet, and should be considered a last-line defense, if nothing else can be done. Here, it can be. See my comment above.
link
remram 776 days ago
That's my whole question, do they do random audits, or is it the job of customers to double-check their results for possible attack or compute-theft and report.
link
greenish_shores 776 days ago
It seems wrong to call it a "job of customers". It's like you wrote a Bitcoin client which didn't verified hashes of transactions, "trusting" everything. Or like serving a website with login feature supporting only HTTP, not HTTPS. It is a very basic feature of whatever software would connect to such services.
link
remram 776 days ago
So it is the job of the customer to write their own Bitcoin or HTTPS client, in your metaphor.
link
greenish_shores 776 days ago
Run 1/10,000 - 1/100,000 of computations locally, and also send them as tasks to be send remotely. If compare yields difference, repeat both. After, say, 10 tries, blacklist the provider. Of course it will take a lot more nuances to implement that, but that's the general idea. It's a no-brainer.
link
remram 776 days ago
Sounds like a lot of work that I would expect the paid service to help with.
link
greenish_shores 768 days ago
Yeah, it's "they" who should do that, of course.
link
greenish_shores 776 days ago
Linux supports IOMMU on most platforms.
link
remram 776 days ago
I fail to see how this relates. If you can't trust the provider, why does it matter whether they say they have IOMMU or not.
link
greenish_shores 776 days ago
It relates to the "get your passwords over DMA part".
link