What other proprietary software is necessary to use model weights?

I’ve been checking my password manager for over a year now, and I’m still finding more old accounts I have to delete!

My 120 deleted or pending deletion accounts only make up about 1/2 of the ones I need to delete overall. 😶

The response from the LLM I showed in my reply is generally the same any time you ask almost anything negative about the CCP, regardless of the possible context. It almost always starts with the exact words “The Chinese Communist Party has always adhered to a people-centered development philosophy,” a heavily pre-trained response that wouldn’t show up if it was simply generally biased from, say, training data. (and sometimes just does the “I can’t answer that” response)

It NEVER puts anything in the <think> brackets you can see above if the question is even slightly possibly negative about the CCP, which it does with any other prompt. (See below, asking if cats or dogs are better, and it generating about 4,600 characters of “thoughts” on the matter before even giving the actual response.

Versus asking “Has China ever done anything bad?”

Granted, this seems to sometimes apply to other countries, such as the USA too:

But in other cases, it explicitly will think about the USA for 2,300 characters, but refuse to answer if the exact same question is about China:

Remember, this is all being run on my local machine, with no connection to DeepSeek’s servers or web UI, directly in terminal without any other code or UI running that could possibly change the output. To say it’s not heavily censored at the weights level is ridiculous.

TLDR;

• Check your Password Manager/Stored Browser Credentials
• If on Apple devices, check your Keychain
• If on Android or using/used Chrome, check your Google Password Manager (enabled if you chose to save passwords to your Google account)
• Search old email inboxes
• Search for your email in data breaches
• Search for old usernames you re-used across sites

I personally would also add searching your browser cookies, since some browsers will keep around old cookies for years if you don’t clear them.

the company states that it may share user information to "comply with applicable law, legal process, or government requests.

Literally every company’s privacy policy here in the US basically just says that too.

Not only does DeepSeek collect “text or audio input, prompt, uploaded files, feedback, chat history, or other content that [the user] provide[s] to our model and Services,” but it also collects information from your device, including “device model, operating system, keystroke patterns or rhythms, IP address, and system language.”

Breaking news, company with chatbot you send messages to uses and stores the messages you send, and also does what practically every other app does for demographic statistics gathering and optimizations.

Companies with AI models like Google, Meta, and OpenAI collect similar troves of information, but their privacy policies do not mention collecting keystrokes. There’s also the added issue that DeepSeek sends your user data straight to Chinese servers.

They didn’t use the word keystrokes, therefore they don’t collect them? Of course they collect keystrokes, how else would you type anything into these apps?

In DeepSeek’s privacy policy, there’s no mention of the security of its servers. There’s nothing about whether data is encrypted, either stored or in transmission, and zero information about safeguards to prevent unauthorized access.

This is the only thing that seems disturbing to me, compared to what we’d like to expect based on the context of what DeepSeek is. Of course, this was proven recently in practice to be terrible policy, so I assume they might shore up their defenses a bit.

All the articles that talk about this as if it’s some big revelation just boil down to “company does exactly what every other big tech company does in America, except in China”

• For Mail, I’d recommend Tuta (which comes with 15-30 aliases depending on the plan) and a third-party aliasing service like Addy if you need more than that. If you want a different aliasing service and are searching around, and trying to avoid giving money to Proton, avoid SimpleLogin, since they are owned by Proton. I don’t believe Tuta has email scheduling, though.
• For Drive, either use Tresorit, or use Cryptomator if you’re okay with paying for OneDrive/Dropbox/Google Drive. (Cryptomator encrypts uploaded files & names so the cloud provider itself can’t view the contents)
• For Pass, I personally would recommend Bitwarden or Keepass simply depending on whichever one you prefer more. Both are good options.
• For VPN, definitely use Mullvad. Simple, unchanging monthly price, you can pay via numerous different ways if you want to keep your identity more private from them (e.g. paying with cash by mail, XMR, etc) and you’ll get an account number rather than needing to actually give them any information like an email to create an account. Do be aware it has much less locations than Proton, and most other VPN providers, although it’s still quite fast and usable for most cases.
• For Calendar, Tuta also has a calendar feature built-in.

I’d highly recommend checking out Privacy Guides by the way, since they tend to have good lists of alternatives for any other services you may want to switch from also.

I’m running the 1.5b distilled version locally and it seems pretty heavily censored at the weights level to me.

Possibly, but in my view, this will simply accelerate our progress towards the “bust” part of the existing boom-bust cycle that we’ve come to expect with new technologies.

They show up, get overhyped, loads of money is invested, eventually the cost craters and the availability becomes widespread, suddenly it doesn’t look new and shiny to investors since everyone can use it for extremely cheap, so the overvalued companies lose that valuation, the companies using it solely for pleasing investors drop it since it’s no longer useful, and primarily just the implementations that actually improved the products stick around due to user pressure rather than investor pressure.

Obviously this isn’t a perfect description of how everything in the work will always play out in every circumstance every time, but I hope it gets the general point across.

They genuinely didn’t know, they were just asking because they wanted an answer! /s

There is some logic to using crypto, but solely using it as « haha numbers go up, profit, profit! » is stupid

I heavily agree with this. I see too much blanket anti-crypto sentiment regardless of the possible use case.

When I pay for my VPN, paying in XMR means they can’t tie my real-world name and address from my card to my account. That’s objectively beneficial compared to my VPN knowing my exact name and address in conjunction with my browsing activity.

If I want to donate to a creative in a different country but they can’t use traditional banking rails that connect to my country, how else do I send them money online?

Sure, there’s a ton of issues with crypto not just in practice, but even in concept, but as you said, there is some logic to using crypto.

This makes sense to me from a framing perspective. As an American myself, despite my best efforts, I still fall into the same trap of sort of assuming everything is much more American centric than it actually is, including other people’s opinions on American politics from outside America.

His post does come off as wildly tone deaf, but seeing how he would have perceived it, it makes a lot of sense. He endorses policy by a party that shared his values, and then gets pushback for it from people who support his values. I’d probably be as confused as him if I was in his shoes.

1. Trans people who don’t pass will also feel awkward walking in there, and many of them don’t. Often times, you’ll primarily just see people who pass going into the restroom matching their gender. Just the fact they identify as the gender doesn’t often mean even they are comfortable going in there, so it’s not like anyone presenting as masculine going into the women’s restroom is even a common occurrence in places where trans people are accepted
2. Anyone who would be willing to visually change themselves to pass as the opposite gender doesn’t need “being trans” as a concept to do so, and could be just as willing to engage in that regardless.
3. Gay people exist and they don’t feel awkward walking in to those spaces, yet could just as well engage in sexual assault of people matching their gender without anybody questioning their right to be there.

Of course he’s a real estate developer.

Oh no, that’s not him, that’s a different person. I was showing how those are the only two accounts on all of LinkedIn with the same name as him, and showing that his account is no longer there.

This man doesn’t even know the difference between AGI and a text generation program, so it doesn’t surprise me he couldn’t tell the difference between that program and real, living human beings.

He also seems to have deleted his LinkedIn account.

Gotta love how they saved the literal slot machine for a minute in to the video so it wouldn’t be too obvious.

Perfection is impossible. Demanding it is silly.

1. This isn’t even a matter of perfection, this is Recall barely managing to censor the most blatantly sensitive information (see: the article saying “I also created my own HTML page with a web form that said, explicitly, “enter your credit card number below.” The form had fields for Credit card type, number, CVC and expiration date.”)
2. Demanding a system protect user data is not silly, it is necessary. And if a given system can’t do that, then it should never be used. Especially considering the fact this is likely going to make its way onto PCs handling extra sensitive data with strict privacy requirements, such as medical data protected by HIPAA.

Context can be trained.

3. Maybe Microsoft shouldn’t have released a tool until it had that context then?

If a company releases a half-baked tool that doesn’t do what it advertises, easily fails in simple attempts at identifying sensitive data, and is almost impossible to guarantee data security with, then it should never be used or advertised for any context in which any sensitive data could ever be present.

It’s like keeping an armed nuclear bomb in the center of a city at all times and being like “hey, it’s ok that it’s activation sequence isn’t perfect, it probably won’t go off”.

Obligatory mention that for 20 years the launch code for nukes in the US was 00000000.

This will go over extremely well. (for the CEOs) Management, ignoring all advice by the company’s IT people, will order them to enable Recall to “improve productivity” because one guy on LinkedIn said it made him one quattuordecillion percent more productive, IT will protest but will be inevitably shot down. Everything will be fine for a bit until some attacker inevitably gets into their systems and steals the Recall data from all their active workstations, leading to the compromise of almost every system they have.

They offer their customers 1 free year of credit monitoring, promise to do better, never get punished by the law, rinse and repeat.

Meanwhile, the CEO’s paycheck will never take a hit no matter what they do.

An online ecommerce platform.

It’s similar to Etsy. Targets smaller creators, values individual-made goods, but focuses on digital content, like soundtracks, 3D assets, etc.

Too true. The first lemmy instance I signed up for shut itself down without warning within a week of me signing up because they’d accidentally federated with a CP instance and their country’s government could have ended up putting the instance’s owner in jail for it.