[zkmon]

Most American companies (regulated ones, definitely) can't dare to touch any Chinese models, though they knew that it makes perfect economic sense. Until the taboo prevails, the cartel get's their flood of profit. That's a cartel protected by regulations.

[xnx]

Is "taboo" the right word? "taboo" = "banned on grounds of morality or taste". Not sending data to known IP thieves, state actors, and competitors in China (or Russia or Israel) seems very rational.

[HarHarVeryFunny]

Many of the Chinese models are open weights, so if you are concerned about them "phoning home", then anyone can just self-host and run them themself, or use via a US provider such as OpenRouter.

[falcor84]

There's a higher-order concern here that I'm paranoid enough to voice: that if used as a coding agent, an AI model affiliated with a country's government might try to make my software susceptible to attacks by that government's intelligence forces.

And note that I'm not singling out China here.

[zozbot234]

> that if used as a coding agent, an AI model affiliated with a country's government might try to make my software susceptible to attacks by that government's intelligence forces.

Note that if such a trigger were to exist, the behavior has to be completely reproducible by definition, e.g. when put into the right setting with the right input context, the model starts behaving maliciously with at least some well-defined probability. I don't think any such incident has ever been described, it's a purely theoretical concern.

[Avicebron]

I don't think it's a stretch that you can train/align a model to avoid "hatespeech" or other topics deemed $Unacceptable you can align a model to favor a certain ideological viewpoint and have that alignment subtly influence the output.

How do most Chinese models handle Tienanmen square or discussions on Han superiority?

[margalabargala]

Oh sure, no one said you can't train a model to do this. You certainly can.

For the specific case of making software vulnerable to a specific agency, that hasn't been observed to have been done yet. Not because it can't be, but because no one has for now.

If it were done, it would be easy(ish) to detect, since it'll be reproducible.

[palmotea]

> How do most Chinese models handle Tienanmen square or discussions on Han superiority?

https://www.theguardian.com/technology/2025/jan/28/we-tried-...

https://dev.to/jeramos/deepseek-model-does-not-censor-tianan...

[zozbot234]

> How do most Chinese models handle Tienanmen square or discussions on Han superiority?

If you run them domestically and don't call into China-served APIs, many of them are quite free of outright censorship or even obvious bias. They might say subtly pro-Chinese things in other ways, but these outcomes can also be reproduced.

[SpicyLemonZest]

Such incidents have been extensively described. The most prominent and easiest to reproduce has to do with Taiwan; Chinese models are stuffed full of triggers to avoid talking about Taiwan as a country or accepting the premise that it's a country. Try asking Deepseek about country code +886!

[zozbot234]

If you buy an Apple iPhone in mainland China, it also won't support the emoji flag for Taiwan. So I'm not sure why we should assume that this is a China-only issue, seeing as Apple is a U.S. based company.

[ma2kx]

Sure, but I don't talk with my coding agent about politics. And its something different to avoid a topic and to deceptively implement a backdoor.

[Humorist2290]

It's more comical than sinister, but I have an example in this vein.

I was using Claude to work on a pet project which itself has a "generate with AI" feature. The default model the project uses was Gemini (because it was cheaper and more reliably produces the correct output format). Claude kept changing the default model to Opus when working on entirely unrelated parts, and I kept noticing it because Opus would mangle the output and break the rendered page. It also did this to the .env file in addition to the default.

[add-sub-mul-div]

Giving up our agency to AI has the potential to turn us into NPCs, period. Economically, politically, socially. They've invented a vehicle for inserting any idea they want into our consumption and output.

[HarHarVeryFunny]

If you're that paranoid, then you shouldn't be using any online services at all, and should not have an internet connection to your PC. Never use a compiler that you have not bootstrapped yourself without the use of any other compiler binary.

Even with these precautions you may still be hacked by state-level actors using a whole variety of sophisticated attack vectors. There may be Stuxnet-like software hidden on your hard drive where you cannot see it. If you do not have a TEMPEST hardened compute environment then anything you type on your keyboard or display on your screen may be getting stolen.

That said, it would be a fantastic achievement if someone could create a coding model that managed to hide a backdoor in the code it was generating. although surely simpler to hack you in 100 other ways.

[moron4hire]

Isn't this only a concern for yolocoding? All the AI-advocates tell me that "good" use of AI should include human review. Of course, they never seem able to explain why the boss that makes you use coding agents to go fast wouldn't be the same boss that pressures you to "just ship it, it's working" and skip review, so I absolutely believe your concern is valid.

[imjonse]

Since that is valid for every model from any country, it's a good idea to review the code the agent creates :)

[beepbooptheory]

Almost feels like maybe the best bet is to have humans make the code when its really important.

[throw1234567891]

Because people cannot be manipulated.

[sometimelurker]

you can finetune the ccp propaganda out of them, then your mostly fine. if you want to be more safe you can finetune their public base models to not have ccp propagnada, and then proceed with the rest of the training (costs more tho)

[stevehawk]

so use the cheap model to do the work and the expensive domestic model to audit?

[SpicyLemonZest]

Or I can just use the domestic model, accepting that I'm paying some premium in order to reduce the complexity of my dependencies and the amount of time I have to spend thinking about supply chain risk. It's the same reason I don't buy things from Alibaba even though many things I buy from Amazon are surely available there for less.

[throw1234567891]

You use “use the model” as if it was equal to “paid some guys to run inference on their hardware”.

[kube-system]

Most American companies are using frontier or near frontier models.

And OpenRouter’s architecture makes it inherently a compliance nightmare.

It’s much easier for the typical company to go with a provider where they can pay as they go and have a single data processing agreement.

[JumpCrisscross]

> OpenRouter’s architecture makes it inherently a compliance nightmare

Why?

[kube-system]

Because the platform is designed to send data to numerous different backend data processors.

Using something like Bedrock is a lot easier for compliance because the only processor is Amazon.

[joquarky]

Amazon would never do anything nefarious.

[chrsw]

Very few American companies know how to properly set up and self-host their own models. Even fewer actually do it. It in the context of your typical large enterprise it's not as simple as buying a rack of servers and downloading a model off Hugging Face.

I suspect the reason is similar to the reason why there aren't any competitive open weight American LLMs.

[xnx]

Yes. Open weights are great and are a good option to hosted models under the right circumstances. I'm glad that China releases open weight models (which in some cases are sort-of be distilled versions of hosted US models).

[tcp_handshaker]

>> Not sending data to known IP thieves, state actors, and competitors in China (or Russia or Israel) seems very rational.

As opposed to sending data to known IP thieves, state actors, and competitors in the USA ? Which one is the most irrational?

[Levitz]

You can legally act against one, not against the other.

Not exactly a hard question.

[vitally3643]

No, in very real terms you cannot hold an American corporation responsible for anything any more than you could a Chinese or Russian one.

Individual citizens simply do not have the means, and the consequences for trying are life-alteringly severe. In fact the situation is even worse. If you tried to sue a Chinese company as an American citizen, you'd be laughed at and nothing more. If you tried to sue an American corporation, they have the option to either counter-sue, or drag things out so long that the legal fees bankrupt you, or win the case with their armies of lawyers and demand compensation from you that bankrupts you.

A private American citizen simply cannot hold an American corporation responsible. Our legal system is designed to ensure this.

[tapland]

This has nothing to do with the discussion. Do you have a HN poster bot just acting like an annoyed teenager with gripes about everything? 20 day old new account, what happened to the previous ones?

[subscribed]

You can't really act against neither, as the case of Meta "stealing" books, torrenting on the truly industrial scale, sharing books while torrenting, etc, etc, was ultimately deemed okay.

In the se country where downloading an album can get a person in debt or worse.

[joquarky]

You can act, but the only winner will be the lawyers.

[SanjayMehta]

No one is forcing you to use either.

[MSFT_Edging]

Technically yes, practically, good luck.

[tcp_handshaker]

Looking forward to the outcome of those legal processes againt the CEOs, that sit behind Trump at the inauguration. After they stole all the knowledge in the world to train their models. And the current administration is drunk on SpaceX pre IPO shares...how did they get them?

"Trump Officials Held Millions of Dollars of SpaceX Ahead of IPO" - https://news.bloomberglaw.com/texas-brief/trump-officials-he...

[sandworm101]

Given how little voting power these "shares" have (they are effectively SpaceX trading cards/NFTs) perhaps they were simply printed on SpaceX letterhead? If Musk says a person has "shares" who at spacex is in a position to disagree?

[tcp_handshaker]

I would consider editing this while HN still allows it :-)) Or otherwise it may remain here for ever...until the black holes evaporate, as calibration point for the difference between confidence and comprehension...

[Levitz]

I meant to look for an example of Musk losing a lawsuit and I accidentally came upon another two.

Here and elsewhere you are just running propaganda, knowingly or not.

[tcp_handshaker]

Musk and companies have so far over 950 lawsuits and legal processes for criminal or unethical activity (yes I researched this). Even his data centers and gas turbine deployments are illegal!

Lost one lawsuit against the same AI mafia, and if you look at the legal details reason was for filling the claim too late.

He publicly called a hero a Pedophile, and got away with it...in court.

Now...who do you work for?

[1] - "EPA rules that xAI’s natural gas generators were illegally used" - https://techcrunch.com/2026/01/16/epa-rules-that-xais-natura...

[SanjayMehta]

Nothing will happen to anyone.

Biden preemptively pardoned his cronies, and so will Trump.

[bediger4000]

This is an argument against pardons, except that Trump has used instruments of state power against his perceived enemies (Comey James, Schiff, military occupation of Tim Walz state, etc etc).

[enraged_camel]

We as Americans at least have some amount of influence over American corporations, and enforcement mechanisms for those breaking the rules.

[ajsnigrutin]

I'm pretty sure those corporations have much more influence over american politicians, regulators, lawmakers, etc. than eg. russian or chinese ones.

[Avicebron]

Well sure they do, thank Citizens United and others for that. But that doesn't mean we can't appropriately categorize them as also hostile actors alongside russia, china, whoever.

It's undo influence over politics against the best interest of the American people that's the issue. Company, foreign nation, it doesn't matter.

[advael]

Citizens United did a lot to effectively legalize foreign influence as well, since the mechanism is opaque transfer of money

But regardless, most people's threat models should discount based on geographic and political distance. All else being equal, chinese surveillance is a bigger threat to you if you're in china than if you're in the us, and vice versa

[tcp_handshaker]

[flagged]

[groundzeros2015]

I suspect the recent space X S&P decision had something to do with public perception.

[somenameforme]

I think the odds of that are low. It's not like decision maker(s) are watching social media and going with the vibes, but it's almost certain that there's a rich conversation going on behind the scenes in opaque channels, especially with regards to the AI-only companies. And those conversations are likely what drove their decision.

[Dylan16807]

The decision was to do nothing, though. That's not much precedent for going out and punishing lawbreakers.

[woadwarrior01]

Our thieves are better than their thieves. :)

[Der_Einzige]

The Chinese models can and should be run locally (though the price difference vs western models isn't as good when done this way).

Before the age of AI Agent Harnesses/unbounded tool calling, there was literally ZERO risk of a .safetensors file "hacking" you. You could even air-gap and run a ton of security analysis/HIDS on your server running the model to verify this.

Now, because a microscopic risk of some chinese AI having a "trigger" to act badly in a harness when it detects its being used by some Gweilo in the USA, even locally run Chinese models are DOA for most USA based companies.

[obsidianbases1]

I'm not any less concerned about the US companies.

A Chinese company seems more likely to produce Chinese products that don't directly compete in the US market.

While a US company can ship the product as a feature of their platform and undercut on price while making up the revenue elsewhere

Edit: I personally use US models, but I'm not naive enough to think that's any sort of real protection of IP

[Matl]

> known IP thieves

Such as Antropic and OpenAI you mean?

[anematode]

Noooo, the real thieves are the Chinese AI companies which used Anthropic/OpenAI model output as training data. American AI companies can do no wrong. /s

[analognoise]

These are the same people that sent manufacturing jobs away to be copied elsewhere. They got rewarded for it in the market. Decades later, when it was clearly a problem, they got tax breaks to bring some of it back/distribute the work to other, friendlier countries.

Every public AI that is not full of classified material will end up being hosted where the energy cost*compute efficiency product is lowest, thievery or not.

With Chinese GPUs just a step behind (but subsidized), China putting in 8x more solar than we do in 1 year, and Chinese models just a step behind but free? All public AI will be hosted there, theft or not.

If it becomes a problem, then we’ll subsidize the rich to bring it on-shore, but only to those companies who our leaders invest in already - to maximize grift and corruption.

[qarl]

The real advantage of the Chinese models is that they do not phone home at all. They run locally unlike their US competitors.

So odd that your erroneous criticism is at the top of HN.

EDIT: I'd love to hear my downvoters' objections. Is it possible that the mechanism that is promoting erroneous information is also demoting its correction?

[kube-system]

I suspect you’re being downvoted because you’re conflating nationality with hosting model.

There are hosted and self-hosted Chinese models. There are hosted and self-hosted US models.

DeepSeek’s hosted offering processes your data in mainland China and trains on it. It’s in their privacy policy

[qarl]

Well - yes - we're on the internet. You always have a choice to run your software in foreign countries.

But it's still erroneous to claim that it isn't a choice.

[kube-system]

The most popular frontier models are not open weight.

[qarl]

The model we're discussing (Deepseek) is open weight.

[scotty79]

"China bad!" is a moral statement. Whetever the reasons might have been that it was formed.

[blfr]

China is bad and there's a moral argument there. But the reason you want to be careful with sending IP to China is quite pragmatic: they're willing and able to use it while competing with you.

Is Alibaba interested in copying your TUI RSS reader though? Probably not.

[bix6]

And US companies aren’t going to compete against you?

[mannanj]

I don't want to send my data to known IP thieves, state actors, and competitors in USA either. This to me seems very rational.

It's not tribalistic or binary ,choose USA Or Choose China. We can choose neither.

Choose neither abuse.

[FeteCommuniste]

They've been singing the same old song since the Cold War, "either support everything the US does or you're a commie/terrorist." Yawn.

[SanjayMehta]

“No country can match the output of moral judgments that spew out from the editorial pages of the New York Times and Washington Post and from the reports of the greatest think tanks and universities in the world.”

— Kishore Mahubani

[tcp_handshaker]

You have the models available on Bedrock. What is the problem? It stays within your AWS account.

[mynameismon]

Why not Chinese models hosted on American hardware?

[Der_Einzige]

The reality is that they're a hell of a lot less cheap on American hardware than on Chinese hardware. At the point you are running Chinese models on US hardware, "Why not nano or haiku" becomes the next relevant question.

[computerex]

Not true. Togetherai, deepinfra, fireworks AI offer a wide range of models like gpt oss that are very capable and far cheaper than the models from big 3.

[Der_Einzige]

I'm referring to Chinese open source models hosted on American clouds vs Chinese clouds. You're talking about an old and non-agentic capable American produced model.

[computerex]

You are actually referring to open weight models, not open source. Gpt-OSS is an example of an open weight model. It’s highly capable in agentic settings, people use it for coding all the time.

My greater point remains. Models like the qwen variants, minimax, k2.5, glm models are available by American providers like AWS at a much cheaper price than api offerings from the big three LLM providers.

Your point about Chinese models being cheap only on Chinese hardware makes absolutely zero sense. You can check out the model catalog like together ai’s qwen 3.5 9b offering. It’s 25 cents for 1M tokens vs the ridiculous $5/1M tokens for haiku.

[zozbot234]

Not a great example: Qwen 9b is a tiny model that outputs barely coherent text in a casual chat, nowhere near comparable to Haiku. But the broader point stands.

[cactusplant7374]

Are they better? Are they better than GPT5.5?

[computerex]

That depends on the use case. For a lot of business use cases they are good enough. They are certainly better than older models like gpt-4o.

[lopsotronic]

Even with open weights, there's a legit reason to be careful when making stuff for defense.

Let's say I am making sensor software, and I say, huh, let's bring in a tiny little vision model for my EO sensor - then it can identify "boat shapes" even if it doesn't have a database of all boats. Pretty neat, right? Well, the point could be made, that the weights might be hiding behavior that will make my vision model . . not see specific boats very well.

"Landing craft? I see no landing craft."

Some decent testing would expose this in a couple shakes, but, well, now you know how much software testing happens in Defense, especially in the unmanned world. Not a whole bunch.

[worldthruword]

And the reasons are same. Chinese cars can't be sold in US (EU is planning a similar law to ban Chinese goods).

[mavhc]

When will we see an open source car?

[moron4hire]

The same year Linux wins the desktop market.

[newaccountman2]

I think unless one is operating in a highly regulated industry, wanting to avoid "sending data to China" is a bit paranoid. For code specifically, most of it is not interesting anyways.

[joe_mamba]

>Most American companies (regulated ones, definitely) can't dare to touch any Chinese models, though they knew that it makes perfect economic sense.

Weird, considering they had no issues shipping manufacturing and supply chains to China when that made economic sense.

[blfr]

Yes, there was a whole idea about civilizing and pacifying the world through economic cooperation that would foster middle class in countries across the world that would then in turn make them democratize and become peaceful trade partners.

It didn't quite work out so now people are looking for other strategies.

[tcp_handshaker]

https://www.youtube.com/shorts/i1Hi_hacvN4

[galactushonor]

> It didn't quite work out so now people are looking for other strategies.

World will bifurcate into West and East with their own spheres of influence. As JD Vance said, US thought that China will be perpetually kept busy and enslaved in low level manufacturing work and the design and higher level work would happen in Cupertino. Too bad, that didn't pan out well and now US Empire is getting challenged by China.

[joe_mamba]

> US thought that China will be perpetually kept busy and enslaved in low level manufacturing work

It's OK, they'll repeat the same mistake again with India this time, when they move manufacturing from China to there, and in 10-30 years when they'll elect a nationalist strongman there, he'll squeeze the west for everything they got.

Because what are you gonna do about it then? They have all your manufacturing and they also have nukes and more soldiers.

[JumpCrisscross]

> in 30 years they'll electr a nationalist strongman

You’re about thirty years off on that estimate.

[zappb]

India is far ahead of that idea and already has legislation to encourage domestic manufacturing from global companies. Plus the nationalist government is in place.

[jampekka]

The idea does smell a bit like a rationalization for policy that was extremely convenient for stockholders and a disaster for workers.

[mitthrowaway2]

The government may have allowed it with that intention, but the corporate leaders followed through mainly with the intention of short-term share price increases. I don't see how the same incentive isn't in place today with respect to data. Perhaps only the perception of China's ability to outcompete its American customers has changed.

[goatlover]

And if that fails, the US can always use economic and military pressure to get what it wants.

[joe_mamba]

>then in turn make them democratize

Most non western countries lack the foundations of western democracy, and you can't force that onto them neither peacefully not through war. The west has tried and failed for 40+ years to do this, it doesn't work, time to drop it and let them self govern the way they always have. Stop trying to export our version of democracy onto others.

Plus, the main reason they exported manufacturing to China was precisely so capitalists could avoid the issues democracy gave them back home and easily exploit Chinese labor and environment for profit because just bribing the CCP meant all your problems go away, no unions, no employee rights, no environmentalism etc. like in democratic countries. So given that, why would the west want China or other countries they want to exploit, to be more democratic? Unless their version of democratic just means a puppet government under western(US) control.

>become peaceful trade partners.

Which countries did China bomb VS how many the US bombed? My energy prices (and directly inflation) is now higher because of (yet again) US military intervention, not because of China.

[zozbot234]

> Most non western countries lack the foundations of western democracy, and you can't force that onto them

Several East Asian countries managed to democratize successfully up thru the 1980s and are extremely successful today, so this is not just a uniform failure story. Even mainland China might still come around (at least partially) as it gains a true massive middle class by Western standards, which it's still very far from today. Southeast Asia is also doing comparatively quite well.